2 matches found
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt...
CVE-2008-5855
The CVE-2008-5855 entry concerns myPHPscripts Login Session 2.0, where sensitive data is stored under the web root with insufficient access control. The underlying issue is exposure of a users.txt file, which can allow remote attackers to discover usernames, e-mail addresses, and password hashes ...