CVE

Id
36887  
CVE No.
CVE-2008-6770  
Status
Candidate  
Description
YourPlace 1.0.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to a database containing user credentials via a direct request for users.txt.  
Phase
Assigned (20090429)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
401563 36887 CVE-2008-6770 MILW0RM:7545  View
401564 36887 CVE-2008-6770 URL:http://www.milw0rm.com/exploits/7545  View
401565 36887 CVE-2008-6770 BID:32971  View
401566 36887 CVE-2008-6770 URL:http://www.securityfocus.com/bid/32971  View
401567 36887 CVE-2008-6770 SECUNIA:33272  View
401568 36887 CVE-2008-6770 URL:http://secunia.com/advisories/33272  View
401569 36887 CVE-2008-6770 XF:yourplace-users-information-disclosure(47565)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
43275 JVNDB-2009-004282 YourPlace の internettoolbar/edit.php における制限を回避される脆弱性 YourPlace の internettoolbar/edit.php は、無効なユーザ名を検知した場合に、実行を終了しないため、制限を回避される、およびツールバーの設定を編集される脆弱性が存在します。 CVE-2008-6774 36887 5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004282.html  View