CVE-2007-2944

Name of the Vulnerable Software and Affected Versions WabCMS version 1.0

Description The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, making it accessible via a direct request for "db/wabcmsn.mdb".

Recommendations For WabCMS version 1.0, consider restricting access to the database file "db/wabcmsn.mdb" to prevent unauthorized downloads. As a temporary workaround, restrict access to the "db" directory until a proper fix is applied.