2 matches found
CVE-2008-5925
ASP-DEv XM Events Diary stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for diary.mdb...
CVE-2008-5925
ASP-Dev XM Events Diary has a partial-access control weakness that exposes the diary.mdb database under the web root, allowing remote retrieval via a direct request. Affected component is the diary database/file handling within the web app; underlying issue is insufficient access control leading ...