Vulnerabilities > CVE-2006-4897 - Unspecified vulnerability in Cmtexts
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cmtexts
exploit available
Summary
CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient access control, which allows remote attackers to obtain the administrator password.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln. CVE-2006-4897. Webapps exploit for php platform |
| file | exploits/php/webapps/2388.txt |
| id | EDB-ID:2388 |
| last seen | 2016-01-31 |
| modified | 2006-09-17 |
| platform | php |
| port | |
| published | 2006-09-17 |
| reporter | Kacper |
| source | https://www.exploit-db.com/download/2388/ |
| title | CMtextS <= 1.0 users_logins/admin.txt Credentials Disclosure Vuln |
| type | webapps |
References
- http://secunia.com/advisories/21988
- http://secunia.com/advisories/21988
- http://www.vupen.com/english/advisories/2006/3690
- http://www.vupen.com/english/advisories/2006/3690
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28999
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28999
- https://www.exploit-db.com/exploits/2388
- https://www.exploit-db.com/exploits/2388