CVE-2006-0370
RCBlog 1.03 is affected by CVE-2006-0370 due to insufficient access control that allows remote attackers to view account names and MD5 password hashes by accessing data and config directories under the web root. OpenVAS/Nessus entries corroborate a related directory traversal/vector in RCBlog’s P...