CVE-2010-1736

Name of the Vulnerable Software and Affected Versions KrM Haber version 1.0

Description The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access the database via a direct request for "d atabase/Krmdb.mdb".

Recommendations For KrM Haber version 1.0, restrict access to the d atabase directory to prevent unauthorized downloads of the database file Krmdb.mdb. Consider implementing proper access controls to sensitive information stored under the web root.