index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the page generated by a profile action.
References
Configurations
History
21 Nov 2024, 00:40
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/44118 - | |
References | () http://www.securityfocus.com/archive/1/484803/100/100/threaded - | |
References | () http://www.securityfocus.com/bid/26782 - | |
References | () https://www.exploit-db.com/exploits/4705 - |
Information
Published : 2007-12-17 18:46
Updated : 2024-11-21 00:40
NVD link : CVE-2007-6399
Mitre link : CVE-2007-6399
CVE.ORG link : CVE-2007-6399
JSON object : View
Products Affected
myupb
- flat_php_board
CWE
CWE-255
Credentials Management Errors