PT-2005-1881 · Betaparticle · Betaparticle Blog

Dxil · Published 2005-03-24 · Updated 2017-10-11 · CVE-2005-0853

CVSS v2.0: 5.0 Medium

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

betaparticle blog (bp blog) versions prior to 3.0

betaparticle blog (bp blog) versions 3.0 through 9.0

Description

The issue allows remote attackers to obtain sensitive information by directly requesting the database files. For versions before 3.0, this can be done via a direct request to "dbBlogMX.mdb". For versions 3.0 and later, as well as versions 6.0 through 9.0, the issue can be exploited by requesting "Blog.mdb".

Recommendations

For versions prior to 3.0, consider moving the database file dbBlogMX.mdb outside of the web root to prevent direct access. For versions 3.0 through 9.0, restrict access to the Blog.mdb file to minimize the risk of exploitation.
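
To confirm whether the database files were ever served, and that the restriction holds afterwards, the web server's access log can be checked for requests to the two file names. The script below is an added example, not part of the advisory or of bp blog; it assumes an IIS log in W3C extended format with the `c-ip`, `cs-uri-stem` and `sc-status` fields enabled, and the sample log lines are constructed.

```python
"""Flag requests for the bp blog database files in an IIS W3C extended log."""
from urllib.parse import unquote

# File names taken from the advisory text, lowercased for comparison.
DB_FILES = {"dbblogmx.mdb", "blog.mdb"}

# Constructed sample log (documentation IP ranges, made-up paths), not real traffic.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2005-03-25 10:00:01 192.0.2.10 GET /blog/default.asp 200
2005-03-25 10:00:07 198.51.100.7 GET /blog/database/Blog.mdb 200
2005-03-25 10:00:09 198.51.100.7 GET /blog/dbBlogMX.mdb 404
2005-03-25 10:01:30 203.0.113.5 GET /blog/Blog%2Emdb 403
2005-03-25 10:02:00 192.0.2.10 GET /blog/blog.mdb.asp 200
""".splitlines()


def find_db_requests(lines):
    """Return (c-ip, uri-stem, status, exposed) for each database file request."""
    fields, hits = [], []
    for line in lines:
        if line.startswith("#Fields:"):
            # The column layout is declared in the log and may change mid-file.
            fields = line.split()[1:]
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        stem = unquote(row.get("cs-uri-stem", ""))
        # Windows file names are case-insensitive, so compare in lowercase.
        name = stem.replace("\\", "/").rsplit("/", 1)[-1].lower()
        if name in DB_FILES:
            raw = row.get("sc-status", "")
            status = int(raw) if raw.isdigit() else 0
            # A 2xx response means the database was handed to the client.
            hits.append((row.get("c-ip"), stem, status, 200 <= status < 300))
    return hits


if __name__ == "__main__":
    for ip, stem, status, exposed in find_db_requests(SAMPLE_LOG):
        print(f"{ip} {stem} {status} {'EXPOSED' if exposed else 'not served'}")
```

Any hit marked as exposed means the database contents should be treated as disclosed; after the file is moved or access is restricted, the same requests should only appear with 403 or 404 responses.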

Related Identifiers

CVE-2005-0853

Affected Products

Betaparticle Blog