2 matches found
CVE-2007-1597
CVE-2007-1597 affects Unclassified NewsBoard 1.6.3. The issue is insufficient access control: sensitive logs are stored under the web root and can be retrieved directly (logs/board-YYYY-MM-DD.log, logs/email-YY-MM-DD-HH-MM-SS.log, logs/error-YY-MM.log, logs/ip.log). This leads to information disc...
CVE-2007-1597
Unclassified NewsBoard 1.6.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain 1 the board log via a direct request for logs/board-YYYY-MM-DD.log, 2 the mail and private message PM log via a direct request for...