Showing 1 - 1 of 1

CVE-2010-0123

Status Candidate

Overview

The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a "semi-predictable file name."

Related Files

Employee Timeclock Software Backup Information Disclosure: Posted Mar 10, 2010; Site secunia.com; Secunia Research has discovered security issue in Employee Timeclock Software, which can be exploited by malicious people to disclose sensitive information. The database backup functionality stores the database backup with a semi-predictable file name inside the web root. This can be exploited to download the backup by guessing the file name. Version 0.99 is affected.; tags | advisory, web, root; advisories | CVE-2010-0123; SHA-256 | 791197339282ae1c20bc6bc0ce2857c777981663ae904b29ba627e0864d2d08b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 380 files
Ubuntu 86 files
Debian 26 files
Gentoo 18 files
tmrswrr 10 files
Ph0s 5 files
R0ckE7 5 files
Google Security Research 4 files
Rahad Chowdhury 4 files
Chizuru Toyama 3 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,910)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,831)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,131)
UNIX (9,339)
UnixWare (187)
Windows (6,606)
Other

CVE-2010-0123

Overview

Related Files

File Archive:

November 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems