CVE-2008-6494
The CVE-2008-6494 entry concerns ASP User Engine.NET, where sensitive data is stored under the web root with insufficient access control. The underlying issue allows a remote attacker to download the database (users.mdb) by issuing a direct request. This is supported by the NVD description and as...