CVE-2007-5260

Name of the Vulnerable Software and Affected Versions: ASP-CMS version 1.0

Description: The issue allows remote attackers to download a database containing usernames and passwords due to insufficient access control. This is possible by making a direct request for the database file.

Recommendations: For ASP-CMS version 1.0, consider restricting access to the mdb-database directory to prevent unauthorized downloads of the ASP-CMS v100.mdb file. As a temporary workaround, move sensitive information outside of the web root to minimize the risk of exploitation.