Vulnerabilities > CVE-2006-1207 - Unspecified vulnerability in Sergey Korostel PHP Upload Center
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for the upload/users/[USERNAME] file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |