CVE-2010-1067

Name of the Vulnerable Software and Affected Versions E-membres version 1.0

Description The issue allows remote attackers to download a database due to insufficient access control of sensitive information stored under the web root. This can be achieved by making a direct request for the database file.

Recommendations For E-membres version 1.0, consider restricting access to the database file db/bdEMembres.mdb to prevent unauthorized downloads until a proper fix is applied. As a temporary workaround, moving sensitive information outside of the web root or implementing proper access controls can help mitigate the risk of exploitation.