Intelligence Center » Browse All Vulnerabilities » CVE-2006-3398
Overview |
|
| Vulnerability Score |  5.0 |
| CVE Id | CVE-2006-3398 |
| Last Modified | 07 Mar 2011 09:38:32 |
| Published | 06 Jul 2006 04:05:00 |
| Confidentiality Impact | PARTIAL |
| Integrity Impact |  NONE |
| Availability Impact | NONE |
| Access Vector | NETWORK |
| Access Complexity | LOW |
| Authentication | NONE |
CVE-2006-3398
Summary
The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remote attackers to obtain sensitive information from the (1) Category Editor and (2) User Information editor.
Vulnerable Systems
Application
Pkr Internet Taskjitsu 0.1
Pkr Internet Taskjitsu 2.0
References
MISC - https://www.pkrinternet.com/taskjitsu/task/3400
VUPEN - ADV-2006-2660
CONFIRM - http://www.pkrinternet.com/download/RELEASE-NOTES.txt
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:42:58
