← back
CVE-2006-7061

CVE-2006-7061

EPSS 1.8%
Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2006-06/0067.htmlhttp://secunia.com/advisories/20535http://securityreason.com/securityalert/2300