CVE-2006-3753

2006-07-2023:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.3%

JSON

setcookie.php for the administration login in Professional Home Page Tools Guestbook records the hash of the administrator password in a cookie, which allows attackers to conduct brute force password guessing attacks after obtaining the hash.

References

artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt

secunia.com/advisories/21102

securitytracker.com/id?1016550

www.securityfocus.com/archive/1/440421/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/27775