Required CVE Record Information
Description
eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm.
References 4 Total
- securityfocus.com: 20071023 [Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87 mailing-list
- securityfocus.com: 26184 vdb-entry
- osvdb.org: 39012 vdb-entry
- securityreason.com: 3323 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- securityfocus.com: 20071023 [Vulz] eFileMan 7.x Multiple Vulnerabilities by Xcross87 mailing-listx_transferred
- securityfocus.com: 26184 vdb-entryx_transferred
- osvdb.org: 39012 vdb-entryx_transferred
- securityreason.com: 3323 third-party-advisoryx_transferred