BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freedville bloghelper - |