CVE-2006-6825

Name of the Vulnerable Software and Affected Versions: Calendar MX BASIC versions 1.0.2 and earlier

Description: The issue allows remote attackers to download a database via a direct request for calendar.mdb due to insufficient access control. This is because sensitive information is stored under the web root.

Recommendations: For Calendar MX BASIC versions 1.0.2 and earlier, restrict access to the calendar.mdb file to prevent unauthorized downloads. Consider relocating sensitive information outside of the web root or implementing proper access controls to mitigate the risk of exploitation.