vendor:
WWWBoard
by:
bd0rk
5.5
CVSS
MEDIUM
Password Disclosure
CWE
Product Name: WWWBoard
Affected Version From: WWWBoard 2.0 Alpha
Affected Version To: WWWBoard 2.0 Alpha
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
WWWBoard 2.0 Alpha 2 (passwd.txt) Password Disclosure Vulnerability
This vulnerability allows an attacker to disclose passwords from the passwd.txt file in WWWBoard 2.0 Alpha 2. The exploit can be accessed through the URL http://[target]/[www_board_path]/passwd.txt.
Mitigation:
To mitigate this vulnerability, it is recommended to upgrade to a newer version of WWWBoard or apply any available patches.