CVE-2008-0135

Snitz Forums 2000 <= 3.4.06 - Unauthenticated Sensitive Information Exposure via Direct Database Download

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0135. PoCs published by ViRuSMaN.

AI-analyzed exploit summary This is a writeup describing a path disclosure vulnerability in Snitz Forums 2000. The exploit details how accessing the default path of the database file can lead to unauthorized disclosure of sensitive information.

Description

Snitz Forums 2000 3.4.06 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum/snitz_forums_2000.mdb.

Exploits (1)

exploitdb WRITEUP VERIFIED
by ViRuSMaN · textwebappsasp
https://www.exploit-db.com/exploits/10639

This is a writeup describing a path disclosure vulnerability in Snitz Forums 2000. The exploit details how accessing the default path of the database file can lead to unauthorized disclosure of sensitive information.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Snitz Forums 2000
No auth needed
Prerequisites: Knowledge of the target's path to the database file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Various Sources x_refsource_misc
http://hackerscenter.com/archive/view.asp?id=28145
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/485836/100/200/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/485894/100/200/threaded
Exploit, Third Party Advisory x_refsource_misc
http://www.packetstormsecurity.org/0801-exploits/snitz-multi.txt

Scores

EPSS 0.0245
EPSS Percentile 82.3%

Details

CWE
CWE-264
Status published
Products (12)
snitz_communications/snitz_forums_2000 3.0
snitz_communications/snitz_forums_2000 3.1 (2 CPE variants)
snitz_communications/snitz_forums_2000 3.2.03
snitz_communications/snitz_forums_2000 3.3
snitz_communications/snitz_forums_2000 3.3.01
snitz_communications/snitz_forums_2000 3.3.02
snitz_communications/snitz_forums_2000 3.3.03
snitz_communications/snitz_forums_2000 3.4.02
snitz_communications/snitz_forums_2000 3.4.03
snitz_communications/snitz_forums_2000 3.4.04
... and 2 more
Published Jan 08, 2008
Tracked Since Feb 18, 2026