Kabus

**Name of the Vulnerable Software and Affected Versions** newsCMSlite (affected versions not specified) **Description** The issue allows remote attackers to download a database containing passwords via a direct request for newsCMS.mdb, due to insufficient access control of sensitive information stored under the web root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.