Design/Logic Flaw

2008-02-1202:00:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.7%

JSON

The Everything Development Engine in The Everything Development System Pre-1.0 and earlier stores passwords in cleartext in a database, which makes it easier for context-dependent attackers to obtain access to user accounts.

CPENameOperatorVersion
the_everything_development_engineeq<= pre-1.0

CPE	Name	Operator	Version
	the_everything_development_engine	eq	<= pre-1.0

References

securityreason.com/securityalert/3631

www.securityfocus.com/archive/1/487436/100/0/threaded

www.exploit-db.com/exploits/5037