aeNovo is a web content management system. Due to improper file premission settings on the database directory it is possible for a remote attacker to download the product's database file and grab from it sensitive information.
Restrict access the the aeNovo's database file or directory by setting file/directory restrictions.
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- AN Guestbook Local File Inclusion Vulnerability
- Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
- Apache Tomcat source.jsp malformed request information disclosure