Vulnerabilities > Mariovaldez > Simple Text File Login Script

DATE CVE VULNERABILITY TITLE RISK
2008-12-30 CVE-2008-5763 Code Injection vulnerability in Mariovaldez Simple Text-File Login Script 1.0.6
PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote attackers to execute arbitrary PHP code via a URL in the slogin_path parameter.
network
low complexity
mariovaldez CWE-94
7.5
2008-12-30 CVE-2008-5762 Permissions, Privileges, and Access Controls vulnerability in Mariovaldez Simple Text-File Login Script 1.0.6
Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for slog_users.txt.
network
low complexity
mariovaldez CWE-264
5.0