Vulnerabilities > CVE-2008-2857 - Credentials Management vulnerability in Alstrasoft Askme

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
alstrasoft
CWE-255
exploit available
NVD
Published: 2008-06-25
Updated: 2024-11-21

Summary

AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.

Vulnerable Configurations

Part Description Count
Application
Alstrasoft
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionAlstraSoft AskMe Pro <= 2.1 Multiple SQL Injection Vulnerabilities. CVE-2008-2857,CVE-2008-2902. Webapps exploit for php platform
fileexploits/php/webapps/5821.txt
idEDB-ID:5821
last seen2016-01-31
modified2008-06-14
platformphp
port
published2008-06-14
reportert0pP8uZz
sourcehttps://www.exploit-db.com/download/5821/
titleAlstraSoft AskMe Pro <= 2.1 - Multiple SQL Injection Vulnerabilities
typewebapps

References