CVE-2020-37082 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attac…
High CVSS: 8.6

CVE-2020-37082

webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers to download database backup files without authentication. Attackers can directly access generated backup files in the companies/weberp/ directory by requesting the Backup_[timestamp].sql.gz file.
Vendor
Weberp
Product
Weberp
CWE
CWE-552
Yayın Tarihi
2026-02-03 22:16:23
Güncelleme
2026-02-11 18:51:46
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-552 Weberp HIGH Weberp 2026

Referanslar

http://www.weberp.org https://sourceforge.net/projects/web-erp/ https://www.exploit-db.com/exploits/48420 https://www.vulncheck.com/advisories/weberp-unauthenticated-backup-file-access