DMXReady Registration Manager 1.1 - Unauthenticated Sensitive Information Exposure via Direct Database File Access
DMXReady Registration Manager 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for databases/webblogmanager.mdb.