Vulnerabilities > CVE-2009-4945 - Credentials Management vulnerability in Atutor Acollab 1.2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

atutor

CWE-255

NVD

Published: 2010-07-22

Updated: 2018-10-10

Summary

AdPeeps 8.5d1 has a default password of admin for the admin account, which makes it easier for remote attackers to obtain access via requests to index.php.

Vulnerable Configurations

Part	Description	Count
Application	Atutor Atutor Acollab 1.2	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://forum.intern0t.net/intern0t-advisories/1049-intern0t-adpeeps-8-5d1-cross-site-scripting-html-injection-vulnerabilities.html
http://www.securityfocus.com/archive/1/503855/100/0/threaded
http://www.securityfocus.com/archive/1/503911/100/0/threaded