CVE-2006-6891

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2006
Last modified:
09/04/2025

Description

Vz (Adp) Forum 2.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrative account name and password hash via a direct request for users/admin.txt.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:vz_forum:vz_forum:2.0.3:*:*:*:*:*:*:*