2 matches found
CVE-2006-0404
Note-A-Day Weblog 2.2 stores sensitive data under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to archive/.phpass-admin, which contains encrypted passwords...
CVE-2006-0404
CVE-2006-0404 affects Note-A-Day Weblog 2.2. The issue is improper access control: sensitive data stored under the web document root can be accessed via a direct request to archive/.phpass-admin, exposing encrypted passwords. This is the stated vulnerability and its impact; no explicit remediatio...