CVE-2008-3924
Content Management Made Easy (CMME) 1.12 exposes sensitive data under the web root via its Make a backup feature, allowing remote attackers to directly request backup/cmme_data.zip or backup/cmme_cmme.zip to discover account names and password hashes. Vector a reportedly also affects CMME 1.19. T...