Openforum Remote password Disclosure

2007.01.05

Credit: Aria-security Team

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2007-0076

CWE: CWE-Other

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

#<Aria-Security Team>
#<Happy New Year!!>
#<Aria-Security.com For English>
#<Aria-Security.net For Parsi>
#Discovered: Aria-Security Team
#Vendor: http://www.2enetworx.com/dev/projects/openforum.asp
#Risk: Low
#Type:Remote (Password Disclosure)
#PoC:
#
#http://TARGET/path/openforum.mdb
#
#Contact: advisory (at) aria-security (dot) net [email concealed]

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Openforum Remote password Disclosure

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Openforum Remote password Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.