CVE-2008-6147
ForumApp 3.3 - Unauthenticated Sensitive Information Exposure via Direct Database Request
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-6147. PoCs published by Cyber.Zer0.
AI-analyzed exploit summary This exploit describes a remote database disclosure vulnerability in ForumApp V3.3, where the database files are accessible via direct URLs. No active exploit code is provided, only paths to the database files.
Description
ForumApp 3.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) data/8690.mdb or (2) data/8690BAK.mdb.
Exploits (1)
This exploit describes a remote database disclosure vulnerability in ForumApp V3.3, where the database files are accessible via direct URLs. No active exploit code is provided, only paths to the database files.