Vulnerability Description
ScriptsEz FREEze Greetings 1.0 stores pwd.txt under the web root with insufficient access control, which allows remote attackers to obtain cleartext passwords.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Scriptsez | Freeze Greetings | 1.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/49883
- http://secunia.com/advisories/32744Vendor Advisory
- http://securityreason.com/securityalert/4633
- http://www.securityfocus.com/bid/32325
- https://www.exploit-db.com/exploits/7140
- http://osvdb.org/49883
- http://secunia.com/advisories/32744Vendor Advisory
- http://securityreason.com/securityalert/4633
- http://www.securityfocus.com/bid/32325
- https://www.exploit-db.com/exploits/7140
FAQ
What is CVE-2008-5218?
CVE-2008-5218 is a vulnerability with a CVSS score of 5.0 (MEDIUM). ScriptsEz FREEze Greetings 1.0 stores pwd.txt under the web root with insufficient access control, which allows remote attackers to obtain cleartext passwords.
How severe is CVE-2008-5218?
CVE-2008-5218 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5218?
Check the references section above for vendor advisories and patch information. Affected products include: Scriptsez Freeze Greetings.