Описание
clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to encode the desired user ID in the c parameter, then read the plaintext values in the resulting form.
clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to encode the desired user ID in the c parameter, then read the plaintext values in the resulting form.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2524
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16849
- http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1310.html
- http://secunia.com/advisories/12200
- http://securitytracker.com/id?1010833
- http://www.osvdb.org/8279
- http://www.securityfocus.com/bid/10846
EPSS
CVE ID
Связанные уязвимости
clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to encode the desired user ID in the c parameter, then read the plaintext values in the resulting form.
EPSS