CVE-2009-1052
FireAnt 1.3 and earlier products are affected by an improper access control vulnerability that stores sensitive data under the web root. This allows remote attackers to directly request user.tsv and download a database containing user credentials. The CVE entry notes a network-exposed issue with ...