CVE-2009-4545

Name of the Vulnerable Software and Affected Versions Logoshows BBS version 2.0

Description The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access the database via a direct request for database/globepersonnel.mdb.

Recommendations For version 2.0, restrict access to the database file database/globepersonnel.mdb to prevent unauthorized downloads. Consider implementing proper access controls to sensitive information stored under the web root.