Openforum Remote password Disclosure

Published
Credit
Risk
2007.01.05
Aria-security Team
Low
CWE
CVE
Local
Remote
N/A
CVE-2007-0076
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

#<Aria-Security Team>
#<Happy New Year!!>
#<Aria-Security.com For English>
#<Aria-Security.net For Parsi>
#Discovered: Aria-Security Team
#Vendor: http://www.2enetworx.com/dev/projects/openforum.asp
#Risk: Low
#Type:Remote (Password Disclosure)
#PoC:
#
#http://TARGET/path/openforum.mdb
#
#Contact: advisory (at) aria-security (dot) net [email concealed]


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2015, cxsecurity.com