Unrated severityNVD Advisory· Published May 22, 2006· Updated Jun 16, 2026
CVE-2006-2522
CVE-2006-2522
Description
Dayfox Blog 2.0 and earlier stores user credentials in edit/slog_users.txt under the web document root with insufficient access control, which allows remote attackers to gain privileges.
Affected products
2cpe:2.3:a:dayfox_designs:dayfox_blog:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:dayfox_designs:dayfox_blog:*:*:*:*:*:*:*:*range: <=2.0
- (no CPE)range: <=2.0
Patches
Vulnerability mechanics
References
6- colander.altervista.org/advisory/DayfoxBlog.txtnvdExploitVendor Advisory
- secunia.com/advisories/20216nvdVendor Advisory
- securitytracker.com/idnvd
- www.osvdb.org/25689nvd
- www.vupen.com/english/advisories/2006/1904nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26623nvd
News mentions
0No linked articles in our index yet.