CVE-2008-5128 Information

Description

Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient access control which allows remote attackers to obtain sensitive information via a direct request to o12member.mdb.

Reference

http://packetstorm.linuxsecurity.com/0810-exploits/ocean12-database.txt http://secunia.com/advisories/32409 https://exchange.xforce.ibmcloud.com/vulnerabilities/46133 https://exchange.xforce.ibmcloud.com/vulnerabilities/46693