Vulnerabilities > CVE-2008-0440 - Credentials Management vulnerability in Alstrasoft Forum PAY PER Post Exchange 2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for attackers to access user accounts.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | AlstraSoft Forum Pay Per Post Exchange 2.0 SQL Injection Vulnerability. CVE-2008-0429,CVE-2008-0440. Webapps exploit for php platform |
| file | exploits/php/webapps/4956.txt |
| id | EDB-ID:4956 |
| last seen | 2016-01-31 |
| modified | 2008-01-21 |
| platform | php |
| port | |
| published | 2008-01-21 |
| reporter | t0pP8uZz |
| source | https://www.exploit-db.com/download/4956/ |
| title | AlstraSoft Forum Pay Per Post Exchange 2.0 - SQL Injection Vulnerability |
| type | webapps |