CVE-2006-0352 in FLoginfo

Summary

The default configuration of Fluffington FLog 1.01 installs users.0.dat under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (login credentials) via a direct request. NOTE: It was later reported that 1.1.2 is also affected.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

01/21/2006

Disclosure

01/20/2006

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200

CVSS

5.3

EPSS

0.00427

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2006-0352
NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-0352
CVE Details	https://www.cvedetails.com/cve/CVE-2006-0352/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!