Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain encoded passwords via a direct request for pwd.txt.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Scriptsez Smart PHP Subscriber 'pwd.txt' 密码信息泄露漏洞
Vulnerability Description
Scriptsez Smart PHP Subscriber(又称subscribe)在web根下储存敏感信息而未赋予足够的访问限制,这使得远程攻击者可以借助一个对pwd.txt的直接请求,获得编码过的密码。
CVSS Information
N/A
Vulnerability Type
N/A