CVE-2006-0439

Name of the Vulnerable Software and Affected Versions Text Rider version 2.4

Description The issue allows remote attackers to obtain usernames and password hashes by directly accessing the data/userlist.txt file due to insufficient access control. This is because sensitive data is stored in the data directory under the web document root.

Recommendations For version 2.4, restrict access to the data/userlist.txt file to prevent remote attackers from obtaining sensitive information. Consider implementing proper access controls to the data directory to mitigate the risk of exploitation.