CVE-2005-1220

2005-04-2204:00:00

mitre

www.cve.org

AI Score

6.3

Confidence

Low

EPSS

0.011

Percentile

84.3%

JSON

Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes.

References

marc.info/?l=bugtraq&m=111402253108991&w=2

secunia.com/advisories/15015

www.osvdb.org/15695

exchange.xforce.ibmcloud.com/vulnerabilities/20177