Summary
ClearBudget is prone to an unauthorized-access vulnerability because it fails to properly restrict access to certain directories.
An attacker can exploit this vulnerability to gain access to database contents. Information harvested can lead to further attacks.
ClearBudget 0.6.1 is vulnerable
other versions may also be affected.
Solution
The vendor released an update to address this issue. Please see http://clearbudget.douteaud.com/ for more information.