RSS   Vulnerabilities for 'Uploader'   RSS

2007-01-25
 
CVE-2007-0532

CWE-Other
 

 
Tuan Do Uploader (aka php-uploader) 6 beta 1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrator password hash via a direct request for userdata/user_1.txt.

 


Copyright 2024, cxsecurity.com

 

Back to Top