CVE-2005-3551

2005-11-16T07:42:00
ID CVE-2005-3551
Type cve
Reporter cve@mitre.org
Modified 2018-10-19T15:37:00

Description

toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows remote attackers to obtain sensitive information via a direct request to the appropriate XML file.