CVE-2006-0370
Description
Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- cpe:2.3:a:noah_medling:rcblog:1.03:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
Root cause
"Insufficient access control on the data and config directories under the web root allows direct retrieval of account names and MD5 password hashes."
Attack vector
An attacker can directly request files in the `data` or `config` directories (e.g., `http://host/rcblog/data/...` or `http://host/rcblog/config/...`) because no access control is enforced. This exposes registered user account names and MD5 password hashes. A separate directory-traversal vector via the `post` parameter in `index.php` also allows reading arbitrary `.txt` files, including the password file [ref_id=1].
Affected code
The `data` and `config` directories are stored under the web root without `.htaccess` protection. Additionally, the `$_GET[post]` parameter in `index.php` is not sanitized, allowing directory traversal to read arbitrary `.txt` files.
What the fix does
The advisory states that no patch or solution is available from the vendor [ref_id=1]. To remediate the issue, administrators must manually add `.htaccess` restrictions to the `data` and `config` directories and sanitize the `$_GET[post]` parameter in `index.php` to prevent directory traversal.
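The following PHP is an added illustration of the second half of that remediation, sanitizing the `post` parameter before it is used to build a file path. It is not RCBlog's own code: it assumes a hypothetical posts directory (`POSTS_DIR`, ideally outside the document root) and the one-`.txt`-file-per-post layout the advisory describes, and it only accepts a plain slug, then confirms the resolved path still lies inside that directory.

```php
<?php
// Added example, not RCBlog code. POSTS_DIR is an assumed location for
// the per-post .txt files; keeping it outside the web root means even a
// missing .htaccess cannot expose it to direct requests.
define('POSTS_DIR', '/var/www/rcblog-private/posts');

/**
 * Map a user-supplied post name to an absolute file path, or return null
 * if the name is not a plain slug or resolves outside POSTS_DIR.
 */
function resolve_post_path(string $post): ?string
{
    // Allow-list: letters, digits, dash and underscore only. This rejects
    // "/", "\", "." and NUL before any filesystem call is made.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $post)) {
        return null;
    }

    $base = realpath(POSTS_DIR);
    $real = realpath(POSTS_DIR . '/' . $post . '.txt');

    // realpath() resolves symlinks and ".." and returns false for a
    // missing file; the prefix check is a second line of defence in case
    // the allow-list is ever loosened.
    if ($base === false || $real === false) {
        return null;
    }
    if (strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $real;
}

// Request handling: unknown or malformed names get a generic 404 rather
// than an error message that reveals the directory layout.
$post = isset($_GET['post']) ? (string) $_GET['post'] : '';
$path = resolve_post_path($post);
if ($path === null) {
    http_response_code(404);
    exit('Post not found');
}

// Escape on output so post content cannot inject markup into the page.
echo htmlspecialchars(file_get_contents($path), ENT_QUOTES, 'UTF-8');
```

For the `data` and `config` directories themselves, the first half of the remediation is an Apache `.htaccess` in each directory containing `Require all denied` (Apache 2.4 syntax; `Deny from all` on 2.2), with the longer-term fix being to move those directories out of the document root entirely so that web-server configuration is no longer the only thing standing between a request and the password file.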
Preconditions
- config: The data and config directories must be in the web root without .htaccess protection (default installation).
- network: No authentication is required; the attacker only needs network access to the web server.
Generated on Jun 17, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- evuln.com/vulns/42/summary.html (nvd: Exploit, Vendor Advisory)
- secunia.com/advisories/18547 (nvd: Vendor Advisory)
- www.fluffington.com/index.php (nvd: URL Repurposed)
- securitytracker.com/id (nvd)
- www.osvdb.org/22679 (nvd)
- www.securityfocus.com/archive/1/422499/100/0/threaded (nvd)
- exchange.xforce.ibmcloud.com/vulnerabilities/24249 (nvd)
News mentions
No linked articles in our index yet.