Vulnerabilities > CVE-2008-3840 - Credentials Management vulnerability in Craftysyntax Crafty Syntax Live Help

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
craftysyntax
CWE-255
NVD
Published: 2008-08-27
Updated: 2018-10-11

Summary

Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.

Vulnerable Configurations

Part Description Count
Application
Craftysyntax
67

Common Weakness Enumeration (CWE)

References