5 lines
No EOL
354 B
Text
5 lines
No EOL
354 B
Text
source: http://www.securityfocus.com/bid/6862/info
|
|
|
|
php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to php-board user and administrative passwords.
|
|
|
|
http://www.example.com/user/[NICKNAME].txt |