Blog Torrent 0.92 and earlier stores sensitive files under the web document root in the (1) data or (2) torrents directories with insufficient access control, which allows remote attackers to obtain sensitive information such as account names and password hashes, as demonstrated using data/newusers.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-07-12T04:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2005-07-12T00:00:00
Link: CVE-2005-2229
JSON object: View
NVD Information
Status : Modified
Published: 2005-07-12T04:00:00.000
Modified: 2016-10-18T03:25:52.647
Link: CVE-2005-2229
JSON object: View
Redhat Information
No data.
CWE