CVE-2008-0135

Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:P/I:N/A:N
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
snitz_communicationssnitz_forums_2000
𝑥
≤ 3.4.06
snitz_communicationssnitz_forums_2000
3.0
snitz_communicationssnitz_forums_2000
3.1
snitz_communicationssnitz_forums_2000
3.1
snitz_communicationssnitz_forums_2000
3.2.03
snitz_communicationssnitz_forums_2000
3.3
snitz_communicationssnitz_forums_2000
3.3.01
snitz_communicationssnitz_forums_2000
3.3.02
snitz_communicationssnitz_forums_2000
3.3.03
snitz_communicationssnitz_forums_2000
3.4.02
snitz_communicationssnitz_forums_2000
3.4.03
snitz_communicationssnitz_forums_2000
3.4.04
snitz_communicationssnitz_forums_2000
3.4.05
𝑥
= Vulnerable software versions
Common Weakness Enumeration