Vulnerabilities > CVE-2005-1586 - Information Disclosure vulnerability in Open Solution Quick.Forum 2.1.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to (1) db/users.txt, (2) db/banList.txt, (3) db/censureWords.txt, or (4) backup files.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |