|
Family: CGI abuses --> Category: infos
aeNovo Database Content Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of DB file of aeNovo
Detailed Explanation for this Vulnerability Test
aeNovo is a web content management system. Due to improper file premission
settings on the database directory it is possible for a remote attacker
to download the product's database file and grab from it sensitive information.
Solution: Restrict access the the aeNovo's database file or directory by setting
file/directory restrictions.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|