← volver
CVE-2005-1586

CVE-2005-1586

EPSS 1.4%
Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to (1) db/users.txt, (2) db/banList.txt, (3) db/censureWords.txt, or (4) backup files.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.htmlhttp://secunia.com/advisories/15200http://www.osvdb.org/16328http://www.osvdb.org/16329