CVE-2008-5780
Forest Blog 1.3.2 stores sensitive data under the web root with insufficient access control, allowing remote attackers to download the database file blog.mdb via a direct request. Affected software: Forest Blog 1.3.2. Vulnerable element: the stored database file with passwords. Impact: exposure o...