Vulnerabilities > Iyziforum > Iyzi Forum > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-01-12 | CVE-2008-5901 | Permissions, Privileges, and Access Controls vulnerability in Iyziforum Iyzi Forum 1.0 iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing a password via a direct request for db/iyziforum.mdb. | 7.5 |