- Description
- The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kailash_nadh:boastmachine:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E07E0861-8D6F-4771-8260-E6490570B0C7",
"versionEndIncluding": "3.1"
}
],
"operator": "OR"
}
]
}
]