Bug: EMembersPro 1.0 Remote Password Disclosure Vulnerability ( Ascii Version )

Search:
WLB2

EMembersPro 1.0 Remote Password Disclosure Vulnerability

Published
Credit
Risk
2007.01.09
beks
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-0149
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

EMembersPro 1.0 Remote Password Disclosure Vulnerability

#Software: EMembersPro

#Version: 1.0

#Download: http://www.keyvan1.com/package/member.zip

#Found by: beks

#Risk: Medium

#http://[target]/[EMembersPro_Path]/users.mdb

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version