CVE-2012-4069 Information

Description

Dir2web 3.0 stores sensitive information under the web root with insufficient access control which allows remote attackers to download the database via a direct request for system/db/website.db.

Reference

http://archives.neohapsis.com/archives/bugtraq/2012-08/0045.html