EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to index.php, which allows context-dependent attackers to obtain entry passwords via log files, referrers, or other vectors.
References
Configurations
History
21 Nov 2024, 00:14
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/1279 - | |
References | () http://www.securityfocus.com/archive/1/439890/100/100/threaded - |
Information
Published : 2006-07-25 13:22
Updated : 2024-11-21 00:14
NVD link : CVE-2006-3834
Mitre link : CVE-2006-3834
CVE.ORG link : CVE-2006-3834
JSON object : View
Products Affected
ej3
- topo
CWE