Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21551
HistoryApr 01, 2009 - 12:00 a.m.

aspWebCalendar Free Edition bug

2009-04-0100:00:00
vulners.com
18

I'm not sure how to classify this bug / vulnerability, but for aspWebCalendar Free edition, you can
openly download the mdb file and read its contents (username,pasword).
Example
http://www.example.com/calendar/calendar.mdb

I guess the fix would be to place the mdb file outside of wwwroot.