Vulnerabilities > CVE-2011-5204 - Credentials Management vulnerability in Akiva Webboard 8.0

047910
CVSS 1.9 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
akiva
CWE-255
exploit available
NVD
Published: 2012-10-04
Updated: 2012-10-05

Summary

Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database.

Vulnerable Configurations

Part Description Count
Application
Akiva
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionAkiva WebBoard 8.x SQL Injection Vulnerability. CVE-2011-5203,CVE-2011-5204. Webapps exploit for php platform
fileexploits/php/webapps/18293.txt
idEDB-ID:18293
last seen2016-02-02
modified2011-12-30
platformphp
port
published2011-12-30
reporterAlexander Fuchs
sourcehttps://www.exploit-db.com/download/18293/
titleAkiva WebBoard 8.x SQL Injection Vulnerability
typewebapps

References