CVE-2009-1495

Name of the Vulnerable Software and Affected Versions: Web File Explorer version 3.1

Description: The issue allows remote attackers to download a database via a direct request for data/db.mdb due to insufficient access control. This is because sensitive information is stored under the web root.

Recommendations: For Web File Explorer version 3.1, consider restricting access to the data/db.mdb file to minimize the risk of exploitation. As a temporary workaround, restrict access to the vulnerable directory until a patch is available.