CVE-2006-0843 Information

Description

Leif M. Wright’s Blog 3.5 stores the config file and other txt files under the web root with insufficient access control which allows remote attackers to read the administrator’s password.

Reference

http://secunia.com/advisories/18923 http://securityreason.com/securityalert/522 http://www.evuln.com/vulns/82/summary.html http://www.securityfocus.com/bid/16712 https://exchange.xforce.ibmcloud.com/vulnerabilities/24752