DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote malicious users to gain privileges by sniffing or cross-site scripting (XSS) and conduct password guessing attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
deluxebb deluxebb 1.06 |
||
deluxebb deluxebb 1.07 |
||
deluxebb deluxebb 1.0 |
||
deluxebb deluxebb 1.05 |
||
deluxebb deluxebb |