STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stphp easynews 4.0 |