CVE-2005-4249
ADP Forum 2.0–2.0.3 stores sensitive credentials in plaintext under the web document root, with insufficient access control. This allows remote attackers to obtain user credentials by requesting the forum/users directory. Connected sources (PT-2005-4937) confirm affected versions and a workaround...