CVE-2009-1322
CVE-2009-1322 affects ASP Product Catalog 1.0 where sensitive data is stored under the web root with insufficient access control. An attacker can directly request database/aspProductCatalog.mdb to download a database containing user credentials. The connected records confirm the presence of this ...