CVE-2007-3774

Name of the Vulnerable Software and Affected Versions Dvbbs version 7.1.0 SP1

Description The issue allows remote attackers to download a database due to insufficient access control of sensitive information stored under the web root. This can be achieved by making a direct request for the database file.

Recommendations For Dvbbs version 7.1.0 SP1, consider restricting access to the Data/Dvbbs7.mdb file to prevent unauthorized downloads until a proper fix is applied. As a temporary workaround, moving sensitive files outside of the web root or implementing proper access controls can help mitigate the risk.