QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2005-4219

Back to search

CVE-2005-4219

Published: Dec 14, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be processed before content is returned to the user, so this might not be a vulnerability.

VendorProductVersions

n/a

n/a

affected
n/a

References

21766
vdb-entry
x_refsource_OSVDB
20051212 IMOEL CMS Sql password discovery
mailing-list
x_refsource_BUGTRAQ
250
third-party-advisory
x_refsource_SREASON
20051214 Re: IMOEL CMS Sql password discovery
mailing-list
x_refsource_BUGTRAQ
1015343
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now