ADP Forum 2.0 up to and including 2.0.3 stores sensitive information in plaintext files under the web document root with insufficient access control, which allows remote malicious users to obtain user credentials via requests to the forum/users directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adp adp forum 2.0 |
||
adp adp forum 2.0.2 |
||
adp adp forum 2.0.3 |
||
adp adp forum 2.0.1 |