CVE-2003-1423

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Access Control Error

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 31/12/03 - Updated on 29/07/17

Description

Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.

Category: Access Control Error

CWE-264 (Permissions, Privileges, and Access Control)
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Security Notices

US National Vulnerability DatabaseCVE-2003-1423

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
petitforumpetitforum

Share this vulnerability with:

Twitter Facebook LinkedIn Mail