CVE-2007-6399

index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the page generated by a profile action.
Configurations

Configuration 1 (hide)

cpe:2.3:a:myupb:flat_php_board:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:40

Type Values Removed Values Added
References () http://osvdb.org/44118 - () http://osvdb.org/44118 -
References () http://www.securityfocus.com/archive/1/484803/100/100/threaded - () http://www.securityfocus.com/archive/1/484803/100/100/threaded -
References () http://www.securityfocus.com/bid/26782 - () http://www.securityfocus.com/bid/26782 -
References () https://www.exploit-db.com/exploits/4705 - () https://www.exploit-db.com/exploits/4705 -

Information

Published : 2007-12-17 18:46

Updated : 2024-11-21 00:40


NVD link : CVE-2007-6399

Mitre link : CVE-2007-6399

CVE.ORG link : CVE-2007-6399


JSON object : View

Products Affected

myupb

  • flat_php_board
CWE
CWE-255

Credentials Management Errors