CVE-2010-0674

Name of the Vulnerable Software and Affected Versions StatCounteX version 3.1

Description The issue allows remote attackers to download a database due to insufficient access control of sensitive information stored under the web root. This can be achieved by making a direct request for the path/stats.mdb file.

Recommendations For StatCounteX version 3.1, consider restricting access to the stats.mdb file to prevent unauthorized downloads until a proper fix is applied. As a temporary workaround, moving sensitive information outside of the web root or implementing proper access controls can help mitigate the risk of exploitation.