Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users.txt under the web document root with insufficient access control, which allows remote attackers to gain privileges.
References
Configurations
History
No history.
Information
Published : 2006-05-22 22:02
Updated : 2024-02-28 10:42
NVD link : CVE-2006-2522
Mitre link : CVE-2006-2522
CVE.ORG link : CVE-2006-2522
JSON object : View
Products Affected
dayfox_designs
- dayfox_blog
CWE