CVE-2008-5855

myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt.
Configurations

Configuration 1

cpe:2.3:a:myphpscripts:login_session:2.0:*:*:*:*:*:*:*

Information

Published : 2009-01-06 05:30

Updated : 2017-09-29 01:32


NVD link : CVE-2008-5855

Mitre link : CVE-2008-5855

Products Affected
No products.
CWE