CVE-2008-6940

Name of the Vulnerable Software and Affected Versions: TurnkeyForms Web Hosting Directory (affected versions not specified)

Description: The issue allows remote attackers to obtain a database backup due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access it via a direct request to the "admin/backup/db" endpoint.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.