CVE-2009-5019

Published: Dec 1, 2010Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Web Wiz NewsPad stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/NewsPad.mdb.

Affected (4)

Products: Webwiz: Web Wiz Newspad

Webwiz

1 product

Web Wiz Newspad

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Webwiz Web Wiz Newspad	Version 1.01
Webwiz Web Wiz Newspad	Version 1.02
Webwiz Web Wiz Newspad	Version 1.03
Webwiz Web Wiz Newspad	Version 1.0

Related CWEs

CWE-264

References (8)

http://packetstormsecurity.org/files/view/84294/webwiznewspad-disclose.txt

Source: cve@mitre.org

Exploit

http://www.exploit-db.com/exploits/10637

Source: cve@mitre.org

Exploit

http://www.exploit-db.com/exploits/15544

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/55043

Source: cve@mitre.org

http://packetstormsecurity.org/files/view/84294/webwiznewspad-disclose.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.exploit-db.com/exploits/10637

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.exploit-db.com/exploits/15544

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/55043

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.