CVE-2006-6891 Information

Description

Vz (Adp) Forum 2.0.3 stores sensitive information under the web root with insufficient access control which allows remote attackers to obtain the administrative account name and password hash via a direct request for users/admin.txt.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/31220 https://www.exploit-db.com/exploits/3053