Vulnerabilities > CVE-2008-3859 - Credentials Management vulnerability in Davlin Thickbox Gallery 2

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

davlin

CWE-255

exploit available

NVD

Published: 2008-08-29

Updated: 2017-09-29

Summary

Davlin Thickbox Gallery 2 allows remote attackers to obtain the administrative username and MD5 password hash via a direct request to conf/admins.php.

Vulnerable Configurations

Part	Description	Count
Application	Davlin Davlin Thickbox Gallery 2	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Exploit-Db

description	Thickbox Gallery v2 (admins.php) Admin Data Disclosure Vulnerability. CVE-2008-3859. Webapps exploit for php platform
file	exploits/php/webapps/6314.txt
id	EDB-ID:6314
last seen	2016-02-01
modified	2008-08-26
platform	php
port
published	2008-08-26
reporter	SirGod
source	https://www.exploit-db.com/download/6314/
title	Thickbox Gallery 2.0 - admins.php Admin Data Disclosure Vulnerability
type	webapps

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References