Invision Power Board Plaintext Password Disclosure Vuln

From: JeiAr (jeiarat_private)
Date: Fri Apr 25 2003 - 13:17:20 PDT

Next message: skybristolat_private: "Microsoft IIS Integrated Authentication"

Previous message: blightninjasat_private: "Re: Exploit for PopPToP PPTP server - Working version"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) Invision Power Board Plaintext Password Disclosure Vuln ------------------------------------------------------- Version: All? Problem: Invision Power Board gives an admin the option to create a pass protected forum. The problem with this is that the password is then stored in the cookie fully readable as it is shown in plaintext. Credits: All credit goes to JeiAr of GulfTech Computers

Next message: skybristolat_private: "Microsoft IIS Integrated Authentication"
Previous message: blightninjasat_private: "Re: Exploit for PopPToP PPTP server - Working version"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 25 2003 - 14:01:10 PDT