Vulnerability Description
include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the FTP server being used by the module by viewing the source code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Javaatwork | Myftpuploader Module | All versions |
| Scottmanktelow | Stride | 1.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/45487
- http://securityreason.com/securityalert/3216
- http://securityvulns.ru/Sdocument4.htmlExploit
- http://www.securityfocus.com/archive/1/482006/100/0/threaded
- http://osvdb.org/45487
- http://securityreason.com/securityalert/3216
- http://securityvulns.ru/Sdocument4.htmlExploit
- http://www.securityfocus.com/archive/1/482006/100/0/threaded
FAQ
What is CVE-2007-5431?
CVE-2007-5431 is a vulnerability with a CVSS score of 7.8 (HIGH). include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information including FTP login credentials, which might allow remote attackers to gain unauthorized access to the F...
How severe is CVE-2007-5431?
CVE-2007-5431 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5431?
Check the references section above for vendor advisories and patch information. Affected products include: Javaatwork Myftpuploader Module, Scottmanktelow Stride.