Ublog Reload ublogreload.mdb Information Disclosure
Remote / Network Access
Loss of Confidentiality
Ublog Reload contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker directly requests the ublogreload.mdb file, which will disclose the administrator login and hashed password resulting in a loss of confidentiality.
Upgrade to version 1.0.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.