CVE-2009-3597
Digitaldesign CMS 0.1 is affected. The vulnerability arises from storing sensitive data under the web root with insufficient access control, allowing remote attackers to download the database file (autoconfig.dd) via a direct request. Impact is confined to partial confidentiality as described in ...