Security Advisory

CVE-2008-5855

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-01-06 17:00:00

Last updated 2024-08-07 11:13:12

Assigner mitre

State PUBLISHED

Description

myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt.

← Browse all CVEs View on cve.org ↗