CVE-2008-3924
The "Make a backup" functionality in Content Management Made Easy CMME 1.12 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover 1 account names and 2 password hashes via a direct request for a backup/cmmedata.zip or b...