5
CVSSv2

CVE-2008-0724

Published: 12/02/2008 Updated: 15/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The Everything Development Engine in The Everything Development System Pre-1.0 and previous versions stores passwords in cleartext in a database, which makes it easier for context-dependent malicious users to obtain access to user accounts.

Vulnerable Product Search on Vulmon Subscribe to Product

the everything development company the everything development engine

Exploits

Application: The Everything Development System Version(s): <= Pre-10 (current version at time of release) Author: sub < sub@room641anet > Released: 2/1/2008 There exists a vulnerability in The Everything Development Engine that allows a user to inject their own SQL to modify a SELECT query, leading to information di ...