Cahier de texte 2.0 stores sensitive information under the web root, possibly with insufficient access control, which might allow remote attackers to obtain all users passwords via a direct request for administration/dump.sql.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cahier_de_textes | Cahier_de_textes | 2.0 (including) | 2.0 (including) |