CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-1051

FubarForum 1.6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.4%

CVSS Severity

CVSS v2 Score 5.0

References

http://e-rdc.org/v1/news.php?readmore=131
http://secunia.com/advisories/34358
http://www.securityfocus.com/archive/1/501902/100/0/threaded
http://e-rdc.org/v1/news.php?readmore=131
http://secunia.com/advisories/34358
http://www.securityfocus.com/archive/1/501902/100/0/threaded

Products affected by CVE-2009-1051

Chaozz » Fubarforum » Version: Any

cpe:2.3:a:chaozz:fubarforum:*
Chaozz » Fubarforum » Version: 1.0

cpe:2.3:a:chaozz:fubarforum:1.0
Chaozz » Fubarforum » Version: 1.1

cpe:2.3:a:chaozz:fubarforum:1.1
Chaozz » Fubarforum » Version: 1.2

cpe:2.3:a:chaozz:fubarforum:1.2
Chaozz » Fubarforum » Version: 1.3

cpe:2.3:a:chaozz:fubarforum:1.3
Chaozz » Fubarforum » Version: 1.4

cpe:2.3:a:chaozz:fubarforum:1.4
Chaozz » Fubarforum » Version: 1.5

cpe:2.3:a:chaozz:fubarforum:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-1051

Products

Pricing

Contact Us