Unrated severityNVD Advisory· Published Mar 24, 2009· Updated Jun 16, 2026
CVE-2009-1051
CVE-2009-1051
Description
FubarForum 1.6 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for user.tsv.
Affected products
7cpe:2.3:a:chaozz:fubarforum:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:chaozz:fubarforum:*:*:*:*:*:*:*:*range: <=1.6
- cpe:2.3:a:chaozz:fubarforum:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:chaozz:fubarforum:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:chaozz:fubarforum:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:chaozz:fubarforum:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:chaozz:fubarforum:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:chaozz:fubarforum:1.5:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.