aeNovo is a web content management system. Due to improper file premission settings on the database directory it is possible for a remote attacker to download the product's database file and grab from it sensitive information.
Restrict access the the aeNovo's database file or directory by setting file/directory restrictions.
- Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability
- Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability
- /doc directory browsable ?
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities