CVE-2008-5572

Name of the Vulnerable Software and Affected Versions Professional Download Assistant version 0.1

Description The issue allows remote attackers to download the database file due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access the database file via a direct request for database/downloads.mdb.

Recommendations For Professional Download Assistant version 0.1, consider restricting access to the database file and implementing proper access controls to prevent unauthorized downloads. As a temporary workaround, restrict access to the database/downloads.mdb file to minimize the risk of exploitation.