Vulnerabilities > CVE-2005-4249 - Unspecified vulnerability in ADP Forum

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

adp

NVD

Published: 2005-12-15

Updated: 2024-02-14

Summary

ADP Forum 2.0 through 2.0.3 stores sensitive information in plaintext files under the web document root with insufficient access control, which allows remote attackers to obtain user credentials via requests to the forum/users directory.

Vulnerable Configurations

Part	Description	Count
Application	Adp ADP ADP Forum 2.0 ADP ADP Forum 2.0.2 ADP ADP Forum 2.0.3 ADP ADP Forum 2.0.1	4

References

http://www.blogcu.com/Liz0ziM/144336/
http://secunia.com/advisories/18027
http://securityreason.com/securityalert/253
http://www.securityfocus.com/archive/1/419393/100/0/threaded