CVE-2006-1764

Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Date published : 2006-04-12

http://www.osvdb.org/24447

http://secunia.com/advisories/19569