CVE-2009-4820

Name of the Vulnerable Software and Affected Versions Angelo-Emlak version 1.0

Description The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access the database via a direct request for veribaze/angelo.mdb.

Recommendations For Angelo-Emlak version 1.0, consider restricting access to the veribaze/angelo.mdb file to prevent unauthorized downloads until a proper fix is applied. Additionally, review and improve access controls for sensitive information stored under the web root.