CVE-2007-6361 (Gekko) |
|
| BugsAlert Home > CVE-2007-6361 (Gekko) | |
|
Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6361 Learn more about CVE-2007-6361 (Gekko) |
|
| Tags: cve-2007-6361 gekko | |
Related Items |
|
|
Jamie Reid: Finding a Cure for Data Loss
|
|
|
Vuln: eggBlog Unspecifed Cookie SQL Injection Vulnerability
|
|
|
CVE-2008-2120 (Java System Application Server, Java System Web Server)
|
|
|
CVE-2008-5758 (phparanoid)
|
|
|
AVG 8 Free update failure
|
|
|
Xen PAL Emulation "copy_to_user()" Security Bypass
|
|
|
PHP Multiple Vulnerabilities
|
|
