2 matches found
CVE-2008-6147
ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 data/8690.mdb or 2 data/8690BAK.mdb...
CVE-2008-6147
ForumApp 3.3 is affected by an access-control weakness that stores sensitive data under the web root and permits remote retrieval of the database via direct requests to data/8690.mdb or data/8690BAK.mdb. The NVD description indicates network-based access with no authentication and partial confide...