CVE-2007-0593

Name of the Vulnerable Software and Affected Versions Siteman version 1.1.11

Description The issue allows remote attackers to download a database containing password hashes due to insufficient access control of sensitive information stored under the web root. This can be achieved via a direct request for data/members.txt.

Recommendations For Siteman version 1.1.11, consider restricting access to the data/members.txt file to prevent unauthorized downloads. Additionally, review and improve access controls for sensitive information stored under the web root.