← back
CVE-2007-5816

CVE-2007-5816

EPSS 2.5%
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstorm.linuxsecurity.com/0710-exploits/contentcustom-disclose.txtunverifiedexploitdbwww.exploit-db.com/exploits/30732unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/39150http://packetstorm.linuxsecurity.com/0710-exploits/contentcustom-disclose.txthttp://secunia.com/advisories/27440http://www.securityfocus.com/bid/26291