CVE-2003-1401

N/A

Descripcion

login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado12/31/2003

Ultima modificacion4/16/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

php_board:php_board

Debilidades (CWE)

CWE-255

Referencias

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0069.html(cve@mitre.org)

http://www.securityfocus.com/bid/6862(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/11338(cve@mitre.org)

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0069.html(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/6862(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/11338(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.