CVE-2012-4069

Name of the Vulnerable Software and Affected Versions Dir2web version 3.0

Description The issue allows remote attackers to download the database via a direct request for "system/db/website.db". This is due to insufficient access control of sensitive information stored under the web root.

Recommendations For Dir2web version 3.0, restrict access to the "system/db/website.db" file to prevent unauthorized downloads. Consider implementing proper access controls to sensitive information stored under the web root. At the moment, there is no information about a newer version that contains a fix for this vulnerability.