Vulnerabilities > CVE-2005-2192 - Remote Security vulnerability in Alexander Palmo Simple PHP Blog 0.4.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

alexander-palmo

exploit available

NVD

Published: 2005-07-11

Updated: 2016-10-18

Summary

SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote attackers to obtain passwords via a brute force attack.

Vulnerable Configurations

Part	Description	Count
Application	Alexander_Palmo Alexander Palmo Simple PHP Blog 0.4.0	1

Exploit-Db

description	Simple PHP Blog <= 0.4.0 Multiple Remote Exploits. CVE-2005-2192,CVE-2005-2733,CVE-2005-2787. Webapps exploit for php platform
id	EDB-ID:1191
last seen	2016-01-31
modified	2005-09-01
published	2005-09-01
reporter	Kenneth Belva
source	https://www.exploit-db.com/download/1191/
title	Simple PHP Blog <= 0.4.0 - Multiple Remote Exploits

Summary

Vulnerable Configurations

Exploit-Db

References