Predictable Database Backup File Names in Artiphp CMS 5.5.0 Neo (r422) with Insufficient Access Control

Predictable Database Backup File Names in Artiphp CMS 5.5.0 Neo (r422) with Insufficient Access Control

CVE-2012-2905 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request.

Learn more about our Web App Pen Testing.