Sensitive Information Disclosure and Password Cracking Vulnerability in Simple PHP Blog (sphpBlog) 0.4.0
CVE-2005-1136 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files.
Learn more about our Web App Pen Testing.