Submit #796696: code-projects Simple Chatbox PHP 1.0 Information Disclosureinfo

Titlecode-projects Simple Chatbox PHP 1.0 Information Disclosure
DescriptionThe Simple Chatbox in PHP v1.0 is vulnerable to Sensitive Information Disclosure due to an exposed SQL database backup file. The application includes a database dump file (chatbox.sql) located within a publicly accessible directory inside the web root. Because the web server does not restrict access to .sql files, any unauthenticated user can directly access and download the database dump via HTTP. The exposed file is accessible at: http://localhost/SimpleChatbox_PHP/chatbox/database/chatbox.sql The SQL dump file contains the complete database schema and stored application data, including chat messages, user-related data, and system structure. Since the file is stored in a web-accessible location without access controls, attackers can retrieve sensitive information without authentication.
Source⚠️ https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/Sensitive%20Information%20Disclosure%20in%20Simple%20Chatbox%20PHP%20Exposed%20Database%20Backup.md
User
 AhmadMarzook (UID 96211)
Submission04/03/2026 20:41 (3 months ago)
Moderation04/12/2026 20:11 (9 days later)
StatusAccepted
VulDB entry357040 [code-projects Simple ChatBox 1.0 Endpoint chatbox.sql SimpleChatbox_PHP file information disclosure]
Points20

Do you want to use VulDB in your project?

Use the official API to access entries easily!