Vulnerabilities > Aspapp > Forumapp > 3.3

DATE	CVE	VULNERABILITY TITLE	RISK
2009-02-16	CVE-2008-6147	Permissions, Privileges, and Access Controls vulnerability in Aspapp Forumapp 3.3 ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/8690.mdb or (2) data/8690BAK.mdb. network low complexity aspapp CWE-264	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.