Description
Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt.
Exploits (1)
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/50986
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/8889
Scores
EPSS
0.0398
EPSS Percentile
88.4%
Details
CWE
CWE-264
Status
published
Products (1)
vt.rovno/asp_vt_auth
1.0
Published
Jun 09, 2009
Tracked Since
Feb 18, 2026