EIP-2026-100372
PRE-CVEIISWorks FileMan - fileman.mdb Remote User Database Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100372. PoCs published by j0fer.
AI-analyzed exploit summary This is a writeup describing an information disclosure vulnerability in IISWorks FileMan, where an unencrypted Microsoft Access database file is directly downloadable due to improper IIS permissions. The vulnerability allows remote attackers to access sensitive user and permission data.
Description
IISWorks FileMan - fileman.mdb Remote User Database Disclosure
Exploits (1)
This is a writeup describing an information disclosure vulnerability in IISWorks FileMan, where an unencrypted Microsoft Access database file is directly downloadable due to improper IIS permissions. The vulnerability allows remote attackers to access sensitive user and permission data.