|
|
CVE Reference: CVE-2006-7061 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-7061 |
|
|
Description: Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/2300 SAID Secunia Advisory: SA20535 BUGTRAQ http://archives.neohapsis.com/archives/bugtraq/2006-06/0067.html |
|
| Return to the previous page. |
