Vulnerabilities > CVE-2006-0572 - Input Validation vulnerability in Hinton Design PHPstatus 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
hinton-design

Summary

phpstatus 1.0 does not require passwords when using cookies to identify a user, which allows remote attackers to bypass authentication.

Vulnerable Configurations

Part Description Count
Application
Hinton_Design
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/43802/EV0061.txt
idPACKETSTORM:43802
last seen2016-12-05
published2006-02-14
reporterAliaksandr Hartsuyeu
sourcehttps://packetstormsecurity.com/files/43802/EV0061.txt.html
titleEV0061.txt