CVE-2005-1136

2005-04-1604:00:00

mitre

www.cve.org

AI Score

6.3

Confidence

Low

EPSS

0.007

Percentile

80.3%

JSON

Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files.

References

echo.or.id/adv/adv12-y3dips-2005.txt

marc.info/?l=bugtraq&m=111359320312609&w=2

www.waraxe.us/ftopict-651.html