CVE-2008-6382 Information

Description

ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.

Reference

http://osvdb.org/50372 http://secunia.com/advisories/32889 https://www.exploit-db.com/exploits/7316