7 matches found
CVE-2014-3445
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash...
Authentication flaw
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash...
CVE-2014-3445
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash...
CVE-2014-3445
CVE-2014-3445 describes an authentication bypass in HandsomeWeb SOS Webpages prior to 1.1.12. The vulnerability resides in backup.php, which allows an unauthenticated user to perform administrative backups and potentially disclose the administrator password hash by manipulating the MD5-based key ...
CVE-2014-3445 - Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages
Vulnerability title: Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages CVE: CVE-2014-3445 Vendor: HandsomeWeb Product: SOS Webpages Affected version: 1.1.11 and earlier Fixed version: 1.1.12 Reported by: Freakyclown Details: The default setup allows an unauthenticated use...
SOS Webpages 1.1.1 /backup.php 备份文件发现漏洞
No description provided by source...
HandsomeWeb SOS Webpages 1.1.11 Backup / Hash Disclosure
Vulnerability title: Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages CVE: CVE-2014-3445 Vendor: HandsomeWeb Product: SOS Webpages Affected version: 1.1.11 and earlier Fixed version: 1.1.12 Reported by: Freakyclown Details: The default setup allows an unauthenticated use...