CVE-2007-0594

Name of the Vulnerable Software and Affected Versions Siteman version 2.0.x2

Description The issue allows remote attackers to download a database containing password hashes due to insufficient access control. This is achieved via a direct request for the database file, specifically db/siteman/users.MYD.

Recommendations For version 2.0.x2, restrict access to the db/siteman directory to prevent unauthorized downloads of sensitive information. Consider implementing proper access controls to protect the database files until a more permanent solution is available.