CVE-2005-3766 — Exponent CMS 0.96.3 and later versions stores sensitive user pages under the web document root with insufficient access control even though certain permissions are specified, which allows attackers to — CVE Database · The Intelligence Room