SimpleBBS 1.0.6 Security Problem:

User database stored in a php file that's readable by anyone.
http://www.tareget.com/simplebbs/users/users.php

Passwords are md5'ed, but user data is not.

The vendor was notified and has released updates.

____________________ __ _
~FluRDoInG flur (at) flurnet (dot) org [email concealed]
http://www.flurnet.org
KEY ID 0x8C2C37C4 (pgp.mit.edu) RSA-CAST 2048/2048
1876 B762 F909 91EB 0C02 C06B 83FF E6C5 8C2C 37C4

[ reply ]