Unrated severityNVD Advisory· Published Jan 21, 2009· Updated Jun 16, 2026
CVE-2008-5935
CVE-2008-5935
Description
Facto stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for database/facto.mdb. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:factosystem:factosystem_weblog:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.