CVE-2007-4093

Name of the Vulnerable Software and Affected Versions Minb Is Not a Blog (minb) (affected versions not specified)

Description The issue allows remote attackers to download a database containing usernames and encrypted passwords via a direct request for 'db/users.db'. This is due to the storage of sensitive information under the web root with insufficient access control.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.