CVE-2020-37082

webERP · webERP

An unauthenticated file access vulnerability in webERP 4.15.1 allows remote attackers to download database backup files directly from the web directory.

Executive summary

webERP 4.15.1 is vulnerable to a critical data exposure flaw that allows unauthenticated attackers to download entire database backups, compromising all corporate financial and operational data.

Vulnerability

The application stores database backups in a predictable web-accessible directory (companies/weberp/) without proper access controls. An unauthenticated attacker can download these files by guessing or discovering the timestamp-based filename.

Business impact

With a CVSS score of 9.8, this vulnerability represents a total loss of confidentiality. Since webERP manages sensitive business data, including financials, customer lists, and inventory, the exposure of a full SQL backup allows an attacker to replicate the entire business database offline for malicious use.

Remediation

Immediate Action: Update webERP to the latest version and move all backup directories outside the web server's document root.

Proactive Monitoring: Check web server access logs for requests to the companies/weberp/ directory and any files ending in .sql.gz.

Compensating Controls: Use .htaccess or server configuration files to deny all web access to the backup directories and implement strong authentication for any directory containing sensitive exports.
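The following Python script is an added example, not code from the advisory or from the webERP project. It implements the monitoring step above (flagging access-log requests for the companies/weberp/ directory or for .sql.gz files, and distinguishing requests the server actually served from ones it refused) and the remediation check that a configured backup directory no longer sits under the document root. The Apache "combined" log format, the sample log lines, the client IP addresses and the backup file name are all constructed for illustration; the real webERP file naming is not reproduced here.

```python
import os
import re
from dataclasses import dataclass
from typing import List, Optional

# Apache/nginx "combined" log format (assumed); the request line is split
# into method and path, the rest of the line is not needed for this check.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

BACKUP_DIR = "/companies/weberp/"  # directory named in the advisory
BACKUP_EXT = ".sql.gz"             # backup extension named in the advisory

# Constructed sample log; file names and addresses are illustrative only.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:15:02 +0000] "GET /companies/weberp/ HTTP/1.1" 403 199 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:15:09 +0000] "GET /companies/weberp/example_2024-03-11.sql.gz HTTP/1.1" 200 5242880 "-" "curl/8.4.0"
198.51.100.4 - - [12/Mar/2024:10:16:30 +0000] "GET /index.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:17:41 +0000] "GET /companies/weberp/example_2024-03-10.sql.gz HTTP/1.1" 404 230 "-" "curl/8.4.0"
"""


@dataclass
class Finding:
    ip: str
    timestamp: str
    path: str
    status: int
    size: int
    served: bool  # True when the server returned content (HTTP 200/206)


def parse_line(line: str) -> Optional[dict]:
    """Parse one combined-format log line; return None for unparseable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])
    return rec


def is_backup_request(path: str) -> bool:
    """Match the backup directory or any .sql.gz file, ignoring query strings."""
    p = path.split("?", 1)[0].lower()
    return p.startswith(BACKUP_DIR) or p.endswith(BACKUP_EXT)


def scan_log(lines) -> List[Finding]:
    """Return every request touching backup locations, in log order."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not is_backup_request(rec["path"]):
            continue
        findings.append(Finding(
            ip=rec["ip"], timestamp=rec["ts"], path=rec["path"],
            status=rec["status"], size=rec["size"],
            served=rec["status"] in (200, 206),
        ))
    return findings


def summarize(findings: List[Finding]) -> dict:
    """Aggregate findings: a served request with a large body means exposure."""
    served = [f for f in findings if f.served]
    return {
        "requests": len(findings),
        "served": len(served),
        "bytes_served": sum(f.size for f in served),
        "sources": sorted({f.ip for f in findings}),
    }


def backup_dir_outside_docroot(backup_dir: str, docroot: str) -> bool:
    """True when the (symlink-resolved) backup directory is not under docroot."""
    b = os.path.realpath(backup_dir)
    d = os.path.realpath(docroot)
    return os.path.commonpath([b, d]) != d


if __name__ == "__main__":
    results = scan_log(SAMPLE_LOG.splitlines())
    for f in results:
        state = "SERVED" if f.served else "refused"
        print(f"{f.timestamp} {f.ip} {f.status} {state} {f.path} ({f.size} bytes)")
    print(summarize(results))
    print("backup dir outside docroot:",
          backup_dir_outside_docroot("/var/backups/weberp", "/var/www/html"))
```

A 403 for the directory alongside a 200 for a file inside it is the pattern to look for: the listing is blocked but the file itself was still downloadable, so the deny rule has to cover every file in the directory, not only the index. Once the backup path is moved or a deny rule is in place, every request in the scan should come back as refused.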

Exploitation status

Public Exploit Available: false

Analyst recommendation

Immediate isolation of backup files is required. Administrators must ensure that no sensitive data, especially database backups, is ever stored in a location reachable by a web browser without robust authentication and authorization checks.