CVE-2021-25898

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 23/04/2021 Updated: 06/05/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

An issue exists in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
void aural rec monitor 9.0.0.1

CWE-798 CWE-312 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/all-your-databases-belong-to-me-a-blind-sqli-case-study/https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=28765 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-25898

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect