CVE-2007-3774
Affected software: Dvbbs 7.1.0 SP1. Vulnerability: insufficient access control exposes sensitive data under the web root, allowing remote retrieval of the database via a direct request to Data/Dvbbs7.mdb. Exploitation details: attacker can download the database without authentication; impact is p...