Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
p-news p-news 1.16 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-6888
P-News 1.16 and 1.17 store sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the administrative account name and password hash via a direct request for db/user.dat.