CVE-2007-0155
HarikaOnline 2.0 is affected: the application stores its database harikaonline.mdb under the web root with insufficient access control, enabling remote attackers to download the password-containing database via a direct request. The issue yields partial confidentiality and integrity (and partial ...