CVE-2005-1586

Name of the Vulnerable Software and Affected Versions Quick.Forum version 2.1.6

Description The issue allows remote attackers to obtain potentially sensitive information, including usernames, banned IP addresses, censored words, and backups, by making a direct request to certain files. Specifically, attackers can access files such as db/users.txt, db/banList.txt, db/censureWords.txt, or backup files.

Recommendations For Quick.Forum version 2.1.6, consider moving sensitive files outside of the web document root to prevent direct access. As a temporary workaround, restrict access to the db directory and backup files to minimize the risk of exploitation.