Vulnerability Description
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Artscore Studios | Cutecast Forum | 1.2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-11/0058.htmlExploitVendor Advisory
- http://www.iss.net/security_center/static/10556.phpExploit
- http://www.securityfocus.com/bid/6127Exploit
- http://archives.neohapsis.com/archives/bugtraq/2002-11/0058.htmlExploitVendor Advisory
- http://www.iss.net/security_center/static/10556.phpExploit
- http://www.securityfocus.com/bid/6127Exploit
FAQ
What is CVE-2002-2190?
CVE-2002-2190 is a vulnerability with a CVSS score of 7.5 (HIGH). ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file.
How severe is CVE-2002-2190?
CVE-2002-2190 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2190?
Check the references section above for vendor advisories and patch information. Affected products include: Artscore Studios Cutecast Forum.