CVE-2008-5925

2009-01-21T18:30:00
ID CVE-2008-5925
Type cve
Reporter cve@mitre.org
Modified 2009-01-23T14:58:00

Description

ASP-DEv XM Events Diary stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for diary.mdb.