https://www.exploit-db.com/exploits/22252
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-274

PHP-Board是一款基于WEB的论坛程序。php-board用户信息存储方式和限制不正确，远程攻击者可以利用这个漏洞获得任何用户的密码信息。php-board把用户信息以文本方式存储在系统上，并可以通过WEB直接访问，远程攻击者可以请求用户文件并获得php-board的用户和管理员密码。

source: http://www.securityfocus.com/bid/6862/info

php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to php-board user and administrative passwords.

http://www.example.com/user/[NICKNAME].txt

来源:XF
名称:phpboard-login-plaintext-passwords(11338)
链接:http://xforce.iss.net/xforce/xfdb/11338
来源:BID
名称:6862
链接:http://www.securityfocus.com/bid/6862
来源:VULNWATCH
名称:20030215php-Board(php)
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0069.html
来源：NSFOCUS
名称：4413
链接：http://www.nsfocus.net/vulndb/4413