CVE-2006-5018

Medium

4/10

Summary

ContentKeeper 123.25 and earlier places passwords in cleartext in an INPUT element in cgi-bin/ck/changepw.cgi, which allows remote authenticated users to obtain passwords via this URI.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: SINGLE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Sep 27, 2006

CVE-2006-5018

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS