CVE-2006-2522
CVE-2006-2522 affects Dayfox Blog 2.0 and earlier. The credential store is kept in edit/slog_users.txt at the web document root with insufficient access control, enabling remote attackers to gain privileges. The connected sources confirm this direct exposure of user credentials and the resulting ...