header-logo
Suggest Exploit
vendor:
Simple Chat!
by:
SecurityFocus
8.5
CVSS
HIGH
Information Disclosure
200
CWE
Product Name: Simple Chat!
Affected Version From: All versions
Affected Version To: All versions
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Simple Chat! Information Disclosure

Simple Chat! does not restrict access to sensitive information by default, allowing an attacker to access the usr.dat file which contains sensitive information such as usernames and passwords.

Mitigation:

Restrict access to the usr.dat file by setting appropriate permissions.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7168/info

Simple Chat! does not restrict access to sensitive information by default. An attacker could use this information to launch attacks against other users.

http://www.example.com/chat/data/usr

Navigation

Suggest Exploit

Services By CQR