CVE-2008-6382

Name of the Vulnerable Software and Affected Versions: ASP Portal version 3.2.5

Description: The issue allows remote attackers to download the database file via a direct request to 'ASPPortal.mdb' due to insufficient access control. This is because sensitive information is stored under the web root.

Recommendations: For ASP Portal version 3.2.5, consider restricting access to the ASPPortal.mdb file to minimize the risk of exploitation. Additionally, review and implement proper access controls for sensitive information stored under the web root.