SimpleBBS 1.0.6 - 'users.php' Insecure File Permissions

EDB-ID:

22339

CVE:

EDB Verified:

Author:

flur

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2003-03-07

Vulnerable App:

source: https://www.securityfocus.com/bid/7045/info

SimpleBBS reportedly creates sensitive files with world-readable permissions. 
As a result anyone who has access to SimpleBBS web resources may access confidential information stored in the SimpleBBS user database.

This vulnerability was reported for SimpleBBS 1.0.6. It is not known if earlier versions are affected by this vulnerability.

http://www.example.com/simplebbs/users/users.php

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services