5.8 Medium
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.9%
Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks.
archives.neohapsis.com/archives/bugtraq/2006-06/0067.html
secunia.com/advisories/20535
securityreason.com/securityalert/2300