CVE-2006-1764

Name of the Vulnerable Software and Affected Versions Hosting Controller version 6.1

Description The issue allows remote attackers to obtain sensitive information, such as user name and password credentials, due to insufficient access control of the forum/db/forum.mdb file stored under the web document root.

Recommendations For Hosting Controller version 6.1, restrict access to the forum/db/forum.mdb file to prevent unauthorized access until a proper fix is applied. Consider relocating the file outside of the web document root or implementing stricter access controls to mitigate the risk of sensitive information disclosure.