AeNovo Database Content Disclosure Vulnerability Network Vulnerability

Summary

aeNovo is a web content management system. Due to improper file premission settings on the database directory it is possible for a remote attacker to download the product's database file and grab from it sensitive information.

Solution

Restrict access the the aeNovo's database file or directory by setting file/directory restrictions.

Severity

Classification

CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apple Safari Multiple Vulnerabilities
AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
Apache Tomcat Login Constraints Security Bypass Vulnerability
Apache Open For Business HTML injection vulnerability
Apache Tiles Multiple XSS Vulnerability

aeNovo Database Content Disclosure Vulnerability

Take action and discover your vulnerabilities