CVE-2007-0880
CVE-2007-0880 describes an access-control flaw where the application stores sensitive information under the web root, enabling remote attackers to retrieve database credentials by directly requesting inc/common_db.inc. The document set confirms the affected vector as an unauthenticated direct req...