2017-03-17 14:00:00
mitre
PUBLISHED
Wonder CMS 2014 allows remote attackers to obtain sensitive information by viewing /files/password, which reveals the unsalted MD5 hashed password.