CVE-2009-1941

Name of the Vulnerable Software and Affected Versions: PAD Site Scripts version 3.6

Description: The issue allows remote attackers to download the database and obtain sensitive information via a direct request for 'dbbackup.txt' due to insufficient access control of sensitive information stored under the web document root.

Recommendations: For PAD Site Scripts version 3.6, consider restricting access to the 'dbbackup.txt' file to prevent unauthorized downloads until a proper fix is applied. As a temporary workaround, moving sensitive files outside of the web document root or implementing proper access controls can help mitigate the risk of exploitation.