VYPR
Unrated severityNVD Advisory· Published Mar 24, 2009· Updated Jun 16, 2026

CVE-2009-1051

CVE-2009-1051

Description

FubarForum 1.6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv.

Affected products

7
  • Chaozz/Fubarforum7 versions
    cpe:2.3:a:chaozz:fubarforum:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:chaozz:fubarforum:*:*:*:*:*:*:*:*range: <=1.6
    • cpe:2.3:a:chaozz:fubarforum:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:chaozz:fubarforum:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:chaozz:fubarforum:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:chaozz:fubarforum:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:chaozz:fubarforum:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:chaozz:fubarforum:1.5:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.