Product: Easy File Sharing Web Server, current versions, default installation
Vendor: http://www.sharing-file.com/
Vendor Notification and Disclosure:
08/22/09: EFSW support notified of issue.
08/22/09: EFSW said it is not an issue because you can turn off direct file access.
08/23/09: EFSW support notified that FILES.SDB file can be directly accessed.
08/24/09: EFSW replied, saying 'no, you can't access the file,' even though you can.
12/15/09: Hammer of God released full details after waiting 4 months for vendor to fix.
Product: Easy File Sharing Web Server, current versions, default installation
Vendor: http://www.sharing-file.com/
Vendor Notification and Disclosure:
08/22/09: EFSW support notified of issue.
08/22/09: EFSW said it is not an issue because you can turn off direct file access.
08/23/09: EFSW support notified that FILES.SDB file can be directly accessed.
08/24/09: EFSW replied, saying 'no, you can't access the file,' even though you can.
12/15/09: Hammer of God released full details after waiting 4 months for vendor to fix.
