I'm not sure how to classify this bug / vulnerability, but for aspWebCalendar Free edition, you can openly download the mdb file and read its contents (username,pasword).

Example

http://www.example.com/calendar/calendar.mdb

I guess the fix would be to place the mdb file outside of wwwroot.