CVE-2009-1051

Name of the Vulnerable Software and Affected Versions FubarForum versions 1.6 and earlier

Description The issue allows remote attackers to download a database containing user credentials via a direct request for user.tsv, due to insufficient access control of sensitive information stored under the web root.

Recommendations For FubarForum versions 1.6 and earlier, restrict access to sensitive files, such as user.tsv, to prevent unauthorized downloads. Consider implementing proper access controls to protect sensitive information stored under the web root. At the moment, there is no information about a newer version that contains a fix for this vulnerability.