ClearBudget Invalid '.htaccess' Unauthorized Access Vulnerability

ClearBudget is prone to an unauthorized-access vulnerability because it fails to properly restrict access to certain directories.

An attacker can exploit this vulnerability to gain access to database contents. Information harvested can lead to further attacks.

ClearBudget 0.6.1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus