Vulnerabilities > CVE-2008-0724 - Credentials Management vulnerability in the Everything Development Company the Everything Development Engine
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Everything Development Engine in The Everything Development System Pre-1.0 and earlier stores passwords in cleartext in a database, which makes it easier for context-dependent attackers to obtain access to user accounts.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | The Everything Development System <= Pre-1.0 SQL Injection Vuln. CVE-2008-0675,CVE-2008-0724. Webapps exploit for php platform |
file | exploits/php/webapps/5037.txt |
id | EDB-ID:5037 |
last seen | 2016-01-31 |
modified | 2008-02-02 |
platform | php |
port | |
published | 2008-02-02 |
reporter | sub |
source | https://www.exploit-db.com/download/5037/ |
title | The Everything Development System <= Pre-1.0 - SQL Injection Vuln |
type | webapps |