Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

paFileDB password hash disclosure Vulnerability Scan

Vulnerability Scan Summary
Acertains the version of paFileDB

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP script that is affected by an
information disclosure issue.

Description :

According to its version number, the remote installation of paFileDB is
vulnerable to an attack that would allow a possible hacker to view the
password hash of user accounts, including an administrator account, by
making a direct request to the application's 'sessions' directory. This
may allow a possible hacker to perform brute force attack on the password hash
and gain access to account information.

The vulnerability exists only when session-based authentication is
performed, which is not the default.

See also :


Threat Level:

Low / CVSS Base Score : 2

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.