PT-2008-2072 · Alstrasoft · Alstrasoft Forum Pay Per Post Exchange

T0Pp8Uzz

Published

2008-01-23

Updated

2017-09-29

CVE-2008-0440

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions AlstraSoft Forum Pay Per Post Exchange version 2.0

Description The issue allows attackers to access user accounts more easily because passwords are stored in cleartext.

Recommendations For version 2.0, update the software to store passwords securely, such as using a hashing algorithm, to prevent unauthorized access to user accounts.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2008-0440

Affected Products

Alstrasoft Forum Pay Per Post Exchange

PT-2008-2072 · Alstrasoft · Alstrasoft Forum Pay Per Post Exchange

CVE-2008-0440

Weakness Enumeration

Related Identifiers

Affected Products

References · 2