NanoCMS '/data/pagesdata.txt' Password Hash Information Disclosure Vulnerability

NanoCMS is prone to an information-disclosure vulnerability because it fails to validate access to sensitive files.

An attacker can exploit this vulnerability to obtain sensitive information that may lead to further attacks.

NanoCMS 0.4_final is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus