CVE-2009-4799

Name of the Vulnerable Software and Affected Versions Diskos CMS versions 6.x

Description The issue allows remote attackers to download a database via a direct request for specific files, including artikler prod.mdb or medlemmer.mdb, due to insufficient access control.

Recommendations For Diskos CMS version 6.x, restrict access to sensitive files, such as artikler prod.mdb and medlemmer.mdb, to prevent unauthorized downloads. Consider moving these files outside of the web root or implementing proper access controls to mitigate the risk of exploitation.