CVE-2006-6449

Name of the Vulnerable Software and Affected Versions Vt-Forum Lite versions 1.3 and earlier

Description The issue allows remote attackers to download a database due to insufficient access control. Sensitive information is stored under the web root, enabling attackers to access the database via a direct request for "db/forum.mdb".

Recommendations For versions 1.3 and earlier, consider restricting access to the database file "forum.mdb" to minimize the risk of exploitation. As a temporary workaround, limit direct requests to the "db/forum.mdb" file until a proper fix is applied.