CVE-2003-1541 Information

Description

PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control which allows remote attackers to obtain the admin script password and other passwords via a direct request to files/passwd.txt.

Reference

http://secunia.com/advisories/8392 http://securityreason.com/securityalert/3653 http://www.securityfocus.com/archive/1/315895/30/25400/threaded http://www.securityfocus.com/bid/7167 http://www.securitytracker.com/id?1006360 https://exchange.xforce.ibmcloud.com/vulnerabilities/11609