BugTraq
Back to list
|
Post reply
SimpleBBS 1.0.6 Default Permissions Vuln
Mar 07 2003 09:39PM
flur (flur flurnet org)
SimpleBBS 1.0.6 Security Problem:
User database stored in a php file that's readable by anyone.
http://www.tareget.com/simplebbs/users/users.php
Passwords are md5'ed, but user data is not.
The vendor was notified and has released updates.
____________________ __ _
~FluRDoInG flur (at) flurnet (dot) org [email concealed]
http://www.flurnet.org
KEY ID 0x8C2C37C4 (pgp.mit.edu) RSA-CAST 2048/2048
1876 B762 F909 91EB 0C02 C06B 83FF E6C5 8C2C 37C4
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
User database stored in a php file that's readable by anyone.
http://www.tareget.com/simplebbs/users/users.php
Passwords are md5'ed, but user data is not.
The vendor was notified and has released updates.
____________________ __ _
~FluRDoInG flur (at) flurnet (dot) org [email concealed]
http://www.flurnet.org
KEY ID 0x8C2C37C4 (pgp.mit.edu) RSA-CAST 2048/2048
1876 B762 F909 91EB 0C02 C06B 83FF E6C5 8C2C 37C4
[ reply ]