CVE-2006-7061

2007-02-24T01:28:00
ID CVE-2006-7061
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T21:16:00

Description

Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks.