PT-2005-4937 · Adp · Adp Forum
Liz0 · Published 2005-12-15 · Updated 2024-02-14 · CVE-2005-4249
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
ADP Forum versions 2.0 through 2.0.3
Description
ADP Forum stores sensitive information in plaintext files under the web document root with insufficient access control. This allows remote attackers to obtain user credentials via requests to the "forum/users" directory.
Recommendations
For ADP Forum versions 2.0 through 2.0.3, consider restricting access to the forum/users directory to minimize the risk of exploitation. As a temporary workaround, limit access to sensitive information stored in plaintext files under the web document root until a proper fix is applied.
Affected Products
Adp Forum