CVE-2004-1219 in paFileDBinfo

Summary

paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/14/2004

Disclosure

01/10/2005

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
88453	paFileDB file.php privileges management	269	Not defined	Not defined	CVE-2004-1219
81827	paFileDB PAFileDB.PHP sql injection	89	High	Unavailable	CVE-2004-1219
23763	PHP Arena paFileDB cross site scripting	80	Not defined	Not defined	CVE-2004-1219

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!