aeNovo Database Content Disclosure Vulnerability

aeNovo is a web content management system. Due to improper file premission settings on the database directory it is possible for a remote attacker to download the product's database file and grab from it sensitive information.
Restrict access the the aeNovo's database file or directory by setting file/directory restrictions.