NuytsTech Security

CVE-2006-5018

by ·

ContentKeeper 123.25 and earlier places passwords in cleartext in an INPUT element in cgi-bin/ck/changepw.cgi, which allows remote authenticated users to obtain passwords via this URI.

Date published : 2006-09-27

http://www.securityfocus.com/bid/20152

http://www.securityfocus.com/archive/1/446719/100/0/threaded

Tags: