CVE-2006-6378 Information

Description

BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control which allows remote attackers to obtain configuration and save files via direct requests.

Reference

http://securityreason.com/securityalert/2002 http://www.securityfocus.com/archive/1/453652/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/30760 btsavemysql-url-file-disclosure(30760)