CVE-1999-0953

WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.