header-logo
Suggest Exploit
vendor:
Guestbook
by:
SecurityFocus
7.5
CVSS
HIGH
Clear Text Password Retrieval
N/A
CWE
Product Name: Guestbook
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Clear Text Password Retrieval

A vulnerability has been reported in Planetmoon Guestbook, which allows remote users to retrieve clear text password lists. This is done by accessing the URL http://[somehost]/[gb_dir]/files/passwd.txt, which contains the clear text passwords.

Mitigation:

The vendor has released a patch to address this issue.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7167/info

A vulnerability has been reported in Planetmoon Guestbook. It has been reported that remote users may be able to retrieve clear text password lists. Access to this data may allow an attacker to carry out further attacks against a target user.

http://[somehost]/[gb_dir]/files/passwd.txt

Navigation

Suggest Exploit

Services By CQR