ClearBudget Invalid '.htaccess' Unauthorized Access Vulnerability Network Vulnerability

Summary

ClearBudget is prone to an unauthorized-access vulnerability because it fails to properly restrict access to certain directories. An attacker can exploit this vulnerability to gain access to database contents. Information harvested can lead to further attacks. ClearBudget 0.6.1 is vulnerable other versions may also be affected.

Solution

The vendor released an update to address this issue. Please see http://clearbudget.douteaud.com/ for more information.

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat Login Constraints Security Bypass Vulnerability
Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
Apache Tomcat Directory Listing and File disclosure
Apple Safari Multiple Vulnerabilities
Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability

Take action and discover your vulnerabilities