2 matches found
CVE-2014-3445
CVE-2014-3445 describes an authentication bypass in HandsomeWeb SOS Webpages prior to 1.1.12. The vulnerability resides in backup.php, which allows an unauthenticated user to perform administrative backups and potentially disclose the administrator password hash by manipulating the MD5-based key ...
HandsomeWeb SOS Webpages 1.1.11 Backup / Hash Disclosure
Vulnerability title: Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages CVE: CVE-2014-3445 Vendor: HandsomeWeb Product: SOS Webpages Affected version: 1.1.11 and earlier Fixed version: 1.1.12 Reported by: Freakyclown Details: The default setup allows an unauthenticated use...