CVE-2006-6890 Information

Description

Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control which allows remote attackers to download passwords via a direct request for data/users.dat.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/31221 https://www.exploit-db.com/exploits/3044