ASP-DEV Discussion Forum 2.0 - Admin Directory Weak Default Permissions

EDB-ID:

22895

CVE:

N/A


Author:

G00db0y

Type:

webapps


Platform:

ASP

Date:

2003-07-13


source: https://www.securityfocus.com/bid/8172/info

It has been reported that a vulnerability exists in ASP-DEV Discussion Forum that exposes potentially sensitive information. Because of this, an attacker may be able to gain access to user credentials.

User credentials are stored in the sub-directory as follows:

http://www.example.com/forum/admin/