Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
1 vulnerability by handsomeweb
CVE-2014-3445 (GCVE-0-2014-3445)
Vulnerability from cvelistv5 – Published: 2020-01-28 14:09 – Updated: 2024-08-06 10:43
VLAI
Summary
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://packetstormsecurity.com/files/126844/Hands… | x_refsource_MISC |
| http://sourceforge.net/projects/soswebpages/files… | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2014/May/130 | x_refsource_MISC |
| http://www.securityfocus.com/bid/67644 | x_refsource_MISC |
| https://www.portcullis-security.com/security-rese… | x_refsource_MISC |
Date Public
2014-05-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/May/130"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67644"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T14:09:12.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2014/May/130"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/67644"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
},
{
"name": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/",
"refsource": "MISC",
"url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
},
{
"name": "http://seclists.org/fulldisclosure/2014/May/130",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2014/May/130"
},
{
"name": "http://www.securityfocus.com/bid/67644",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/67644"
},
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3445",
"datePublished": "2020-01-28T14:09:12.000Z",
"dateReserved": "2014-05-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:43:06.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}