← back
CVE-2005-1586

CVE-2005-1586

EPSS 1.4%
Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to (1) db/users.txt, (2) db/banList.txt, (3) db/censureWords.txt, or (4) backup files.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.htmlhttp://secunia.com/advisories/15200http://www.osvdb.org/16328http://www.osvdb.org/16329