Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing unspecified connection errors, which reveals the database password in the resulting error message.
References
Configurations
History
21 Nov 2024, 00:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://forums.quicksilverforums.com/index.php?a=topic&t=1332 - Patch | |
References | () http://secunia.com/advisories/26998 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/25887 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/36891 - |
Information
Published : 2007-10-01 20:17
Updated : 2024-11-21 00:37
NVD link : CVE-2007-5172
Mitre link : CVE-2007-5172
CVE.ORG link : CVE-2007-5172
JSON object : View
Products Affected
quicksilver_forums
- quicksilver_forums
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor