Dmxready · Dmxready Registration Manager · CVE-2009-1821
Name of the Vulnerable Software and Affected Versions:
DMXReady Registration Manager version 1.1
Description:
The issue allows remote attackers to download the database file due to insufficient access control. Sensitive information is stored under the web root, making it accessible via a direct request for the databases/webblogmanager.mdb file.
Recommendations:
For DMXReady Registration Manager version 1.1, consider restricting access to the databases/webblogmanager.mdb file to prevent unauthorized downloads. As a temporary workaround, move the sensitive information outside of the web root to minimize the risk of exploitation.