PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
planetmoon guestbook tr3.a.1 |