PT-2007-2006 · Toxiclab · Toxiclab Shoutbox
Published: 2007-01-29 · Updated: 2018-10-16
CVE-2007-0546
CVSS v2.0: 7.8 (High)
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Toxiclab Shoutbox version 1
Description
The issue allows remote attackers to download a database containing passwords via a direct request for db.mdb due to insufficient access control. This is because sensitive information is stored under the web root.
Recommendations
For Toxiclab Shoutbox version 1, consider restricting access to the db.mdb file until a proper fix is available. As a temporary workaround, moving sensitive information outside of the web root can help minimize the risk of exploitation.
Fix
Related identifiers
Affected products
Toxiclab Shoutbox
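The workaround in the Recommendations section, as an added example that is not part of the original advisory or of Toxiclab's code: a Python audit that lists data files stored under a web root and moves them to a directory the web server does not serve. The extension list, the directory names (`wwwroot`, `shoutbox`, `data`) and the function names are assumptions made for illustration; the sample tree is constructed.

```python
import os
import tempfile

# Assumed list of data-store extensions for this audit; extend as needed.
DATA_EXTENSIONS = {".mdb", ".accdb", ".sqlite", ".db", ".bak", ".sql"}

def find_exposed_data_files(web_root, extensions=DATA_EXTENSIONS):
    """Return sorted URL paths of data files stored under web_root."""
    web_root = os.path.realpath(web_root)
    exposed = []
    for dirpath, _dirnames, filenames in os.walk(web_root):
        for name in filenames:
            # Compare case-insensitively so DB.MDB is caught as well.
            if os.path.splitext(name)[1].lower() in extensions:
                rel = os.path.relpath(os.path.join(dirpath, name), web_root)
                exposed.append("/" + rel.replace(os.sep, "/"))
    return sorted(exposed)

def relocate(web_root, url_path, data_dir):
    """Move one reported file out of web_root into data_dir; return new path."""
    src = os.path.join(web_root, *url_path.strip("/").split("/"))
    os.makedirs(data_dir, exist_ok=True)
    dst = os.path.join(data_dir, os.path.basename(src))
    if os.path.exists(dst):
        raise FileExistsError(dst)  # never overwrite an existing data file
    os.replace(src, dst)
    return dst

def demo():
    """Build a constructed layout, audit it, relocate, and audit again."""
    with tempfile.TemporaryDirectory() as base:
        web_root = os.path.join(base, "wwwroot")  # hypothetical web root
        data_dir = os.path.join(base, "data")     # hypothetical unserved directory
        os.makedirs(os.path.join(web_root, "shoutbox"))
        for rel in ("shoutbox/db.mdb", "shoutbox/index.html"):
            with open(os.path.join(web_root, *rel.split("/")), "wb") as fh:
                fh.write(b"constructed sample")
        before = find_exposed_data_files(web_root)
        for url_path in before:
            relocate(web_root, url_path, data_dir)
        after = find_exposed_data_files(web_root)
        return before, after, sorted(os.listdir(data_dir))

if __name__ == "__main__":
    print(demo())
```

After relocating a database, the application's database path setting has to be updated to the new location, or the application will no longer find it.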