CVE-2007-0149
CVE-2007-0149 affects EMembersPro 1.0. The vulnerability is due to insufficient access control: the application stores sensitive information under the web root, allowing remote attackers to directly request users.mdb and obtain a database containing passwords. This can lead to partial disclosure ...