CVE-2008-6055 Information

Description

PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control which allows remote attackers to obtain passwords via a direct request.

Reference

http://packetstorm.linuxsecurity.com/0812-exploits/preaspclass-disclose.txt http://secunia.com/advisories/33197