CVE-2006-0843

Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password.

Published: Feb 22, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-0843
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
leif_m._wright / web_blog	3.5	3.5.x

http://secunia.com/advisories/18923
http://securityreason.com/securityalert/522
http://www.evuln.com/vulns/82/summary.html
http://www.securityfocus.com/bid/16712
https://exchange.xforce.ibmcloud.com/vulnerabilities/24752

Vulnerability Database

290,301

CVE-2006-0843