header-logo
Suggest Exploit
vendor:
NewsTraXor
by:
Unknown
7.5
CVSS
HIGH
Remote Database Disclosure
200
CWE
Product Name: NewsTraXor
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:newstraxor
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

NewsTraXor Remote Database Disclosure Vulnerability

NewsTraXor is affected by a remote database disclosure vulnerability. The issue is caused by a design error that allows the database file to be globally readable. This vulnerability may allow a remote attacker to gain unauthorized administrative access to the affected web application.

Mitigation:

To mitigate this vulnerability, ensure that the database file is properly protected and not globally readable. Restrict access to the database file to authorized users only.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10194/info

Reportedly NewsTraXor is affected by a remote database disclosure vulnerability. This issue is due to a design error that allows the database file to be globally readable.

This issue may allow a remote attacker to gain unauthorized administrative access to the affected web application.

www.example.com/news/Dbase/nTrax.mdb