Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6399

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2007-6399
Last Modified 15 Nov 2008 02:04:32
Published 17 Dec 2007 01:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2007-6399

Summary

index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the page generated by a profile action.

Vulnerable Systems

Application

  • Myupb Flat Php Board 1.2


References

MILW0RM - 4705

OSVDB - 44118

BID - 26782

BUGTRAQ - 20071209 Flat PHP Board <= 1.2 Multiple Vulnerabilities


Last Updated: 27 May 2016 10:46:28