Vulnerabilities > CVE-2006-4897 - Remote Security vulnerability in Cmtexts
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient access control, which allows remote attackers to obtain the administrator password.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln. CVE-2006-4897. Webapps exploit for php platform |
file | exploits/php/webapps/2388.txt |
id | EDB-ID:2388 |
last seen | 2016-01-31 |
modified | 2006-09-17 |
platform | php |
port | |
published | 2006-09-17 |
reporter | Kacper |
source | https://www.exploit-db.com/download/2388/ |
title | CMtextS <= 1.0 users_logins/admin.txt Credentials Disclosure Vuln |
type | webapps |