https://www.exploit-db.com/exploits/23516
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-578

ASP-Nuke1.3及其早期版本将用户凭证置于访问控制不足的web文档根目录下。远程攻击者可以借助对main.mdb直接请求获取敏感信息。

source: http://www.securityfocus.com/bid/9355/info

A problem has been identified in ASP-Nuke when user credentials are stored on a system. Because of this, an attacker may be able to gain unauthorized access to sensitive information.

http://www.example.com/db/main.mdb

来源:BID
名称:9355
链接:http://www.securityfocus.com/bid/9355