Vulnerabilities > CVE-2008-0440 - Credentials Management vulnerability in Alstrasoft Forum PAY PER Post Exchange 2.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for attackers to access user accounts.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | AlstraSoft Forum Pay Per Post Exchange 2.0 SQL Injection Vulnerability. CVE-2008-0429,CVE-2008-0440. Webapps exploit for php platform |
| file | exploits/php/webapps/4956.txt |
| id | EDB-ID:4956 |
| last seen | 2016-01-31 |
| modified | 2008-01-21 |
| platform | php |
| port | |
| published | 2008-01-21 |
| reporter | t0pP8uZz |
| source | https://www.exploit-db.com/download/4956/ |
| title | AlstraSoft Forum Pay Per Post Exchange 2.0 - SQL Injection Vulnerability |
| type | webapps |