paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote malicious users to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php arena pafiledb 3.1 |