CVE-2009-2606

Metadata

CVE-2009-2606
5.0
exploit-db.com
2009-07-27
2017-09-19 07:07

Description

ASP Football Pool 2.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for NFL.mdb.

Related Vulnerabilities