Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2006-6890
Disclosure Date: December 31, 2006 (last updated October 04, 2023)
Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat.
0
Attacker Value
Unknown
CVE-2006-3991
Disclosure Date: August 05, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter.
0
