Blue World Communications has announced three "serious" security issues in the Web Companion that accompanies FileMaker Pro 5, allowing anyone on the Internet to view the contents of a Web Companion configured database, send that data via email to anyone else, and also send anonymous or impersonated email, regardless of Web Database Security preferences.

The issues are related directly to the introduction of new XML and email features to FileMaker Pro 5, and affect anyone with a Web site that makes use of the FileMaker Pro 5 Web Companion. If credit card numbers are stored in one of these databases, they can be viewed via manipulation of the security hole.

The security problems may be solved by disabling the Web Companion, or using an alternative version or database solution. Blue World also provides other methods detailed within their press release, which can be viewed on their Web site or on

FileMaker, Inc. is aware of the issues and claims that no users have experienced problems so far. They have indicated that users watch their Web site for details of a fix that should be released within a week.