CVE-2010-4145 Information

Description

Kisisel Radyo Script stores sensitive information under the web root with insufficient access control which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.

Reference

http://packetstormsecurity.org/1010-exploits/kisiselradyoscript-disclose.txt http://secunia.com/advisories/41816 http://www.exploit-db.com/exploits/15270