Total vulnerabilities in the database
Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb.
| Software | From | Fixed in |
|---|---|---|
| snitz_communications / snitz_forums_2000 | 3.1-sr4 | 3.1-sr4.x |
| snitz_communications / snitz_forums_2000 | 3.4.03 | 3.4.03.x |
| snitz_communications / snitz_forums_2000 | 3.2.03 | 3.2.03.x |
| snitz_communications / snitz_forums_2000 | 3.3.01 | 3.3.01.x |
| snitz_communications / snitz_forums_2000 | 3.3.02 | 3.3.02.x |
| snitz_communications / snitz_forums_2000 | 3.1 | 3.1.x |
| snitz_communications / snitz_forums_2000 | 3.4.05 | 3.4.05.x |
| snitz_communications / snitz_forums_2000 | 3.4.02 | 3.4.02.x |
| snitz_communications / snitz_forums_2000 | - | 3.4.06.x |
| snitz_communications / snitz_forums_2000 | 3.4.04 | 3.4.04.x |
| snitz_communications / snitz_forums_2000 | 3.0 | 3.0.x |
| snitz_communications / snitz_forums_2000 | 3.3 | 3.3.x |
| snitz_communications / snitz_forums_2000 | 3.3.03 | 3.3.03.x |