CVE-2009-4096 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2009-4096

CWE

https://cwe.mitre.org/data/definitions/255.html

RADIO istek scripti 2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user credentials via a direct request for estafresgaftesantusyan.inc.

Affected Software

Name	Vendor	Start Version	End Version
Radio_isetek_scripti	Scriptlerim	2.5 (including)	2.5 (including)

References

http://osvdb.org/60516
http://packetstormsecurity.org/0911-exploits/istek-disclose.txt
http://secunia.com/advisories/37478
http://www.exploit-db.com/exploits/10231
http://osvdb.org/60516
http://packetstormsecurity.org/0911-exploits/istek-disclose.txt
http://secunia.com/advisories/37478
http://www.exploit-db.com/exploits/10231