MidnightBSD

Advisories for digitaldesign_cms_project

CVE-2009-3597 MEDIUM

Digitaldesign CMS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for autoconfig.dd.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-552,

Products Affected

Vendor Product Version
digitaldesign_cms_project digitaldesign_cms 0.1