Dayfox Blog 2.0 and previous versions stores user credentials in edit/slog_users.txt under the web document root with insufficient access control, which allows remote malicious users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dayfox designs dayfox blog |