Filtered by vendor Freedville Subscriptions
Filtered by product Bloghelper Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-0826 1 Freedville 1 Bloghelper 2024-11-21 N/A
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request.