CVE-2008-2681

Name of the Vulnerable Software and Affected Versions Realm CMS versions 2.3 and earlier

Description The issue allows remote attackers to obtain sensitive information via a direct request to " db/compact.asp", which reveals the database path in an error message.

Recommendations For versions 2.3 and earlier, consider restricting access to the " db/compact.asp" page until a fix is available. As a temporary workaround, avoid using the db/compact.asp page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.