Asp User Engine.net
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-6494 | 0.03 | — | 0.02 | Mar 20, 2009 | ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb. | |||
| CVE-2008-5601 | 0.03 | — | 0.03 | Dec 16, 2008 | User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb. |
- CVE-2008-6494Mar 20, 2009risk 0.03cvss —epss 0.02
ASP User Engine.NET stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for users.mdb.
- CVE-2008-5601Dec 16, 2008risk 0.03cvss —epss 0.03
User Engine Lite ASP stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for users.mdb.