Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4261


Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4261
Last Modified 05 Nov 2012 10:44:55
Published 08 Aug 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



EZPhotoSales 1.9.3 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) a file containing cleartext passwords via a direct request for OnlineViewing/data/galleries.txt, or (2) a file containing username hashes and password hashes via a direct request for OnlineViewing/configuration/config.dat/. NOTE: vector 2 can be leveraged for administrative access because authentication does not require knowledge of cleartext values, but instead uses the username hash in the ConfigLogin parameter and the password hash in the ConfigPassword parameter.

Vulnerable Systems


  • Ez Photo Sales 1.9.3


BUGTRAQ - 20070806 EZPhotoSales 1.9.3 Multiple Vulnerabilities




BID - 25323

SREASON - 2985

SECUNIA - 26341

XF - ezphotosales-config-information-disclosure(35841)

XF - ezphotosales-galleries-info-disclosure(35840)

Last Updated: 27 May 2016 10:47:21