source: https://www.securityfocus.com/bid/12402/info
A remote information disclosure issue affects CitrusDB. This issue is due to a design problem that grants unauthorized users the ability to export sensitive data.
An attacker may leverage this issue to gain access to sensitive information including credit card data.
[path to CitrusDB]/io/newfile.txt
where [path to CitrusDB] is the path relative to the web root.
