CuteCast 1.2 - User Credential Disclosure

EDB-ID:

21995

CVE:

2002-2190

EDB Verified:

Author:

Zero-X

Type:

webapps

Exploit: /

Platform:

CGI

Date:

2002-11-07

Vulnerable App:

source: https://www.securityfocus.com/bid/6127/info

It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext credentials. 

http://www.example.com/cgi-bin/cutecast/members/<username>.user

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services