Vulnerability in Snitz_communications Snitz_forums_2000

CVE-2008-0135

Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb.

EPSS: 0.025 (82.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References