CVE-2006-2946

Name of the Vulnerable Software and Affected Versions Dmx Forum version 2.1a

Description The issue allows remote attackers to obtain database username and password information due to insufficient access control of the includes/bd.inc file stored under the web root.

Recommendations For Dmx Forum version 2.1a, consider restricting access to the includes/bd.inc file to prevent remote attackers from obtaining sensitive database information. As a temporary workaround, limit access to this file until a more permanent solution is available.