CVE-2005-4859

Description

mimicboard2 (Mimic2) 086 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mimic2.dat.

Affected products

• chitta / mimicboardmimiboard2_086

References

• MISChttp://www.securityfocus.com/bid/14779
• VENDOR_ADVISORYhttp://exploitlabs.com/files/advisories/EXPL-A-2005-013-mimic2.txt