YourPlace 1.0.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to a database containing user credentials via a direct request for users.txt.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
peterselie yourplace 1.0 |
||
peterselie yourplace 1.0.1 |
||
peterselie yourplace |