Minor security issue in punbb with SQLite  
Georgi Guninski security advisory #76, 2019  
Running punbb-master from  
from Thu 07 Nov 2019 11:23:33 AM UTC  
Installing on http://host/forum  
In install.php set:  
database type: SQLite3  
database name: database1  
Accessing http://host/forum/database1 returns the full raw database,  
including hashes and email addresses.  
If attacker guesses the name "database1" or brute force from common  
database names, this gives her read access of the raw database.  
If you consider this a bug, as workaround set database to something  
hard to guess.  
Other forum software explicitly want the SQLite database to  
be non-accessible from the web.