2 matches found
CVE-2008-6356
CVE-2008-6356 affects the EvCal Events Calendar. The underlying issue is improper access control that stores sensitive data under the web root, allowing remote attackers to download the database files evcal.mdb and evcal97.mdb. This exposure can disclose usernames and passwords. The provided conn...
CVE-2008-6356
evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to 1 evcal.mdb and 2 evcal97.mdb...