|
Family: CGI abuses --> Category: infos
Singapore MD5 Administrative Password Disclosure Vulnerability Scan
Vulnerability Scan Summary Checks adminusers.csv presence
Detailed Explanation for this Vulnerability Test
Singapore is a PHP based photo gallery web application.
Due to inaddequate security settings, the file used to stored the
administrative password is easily accessible, and the MD5 with which
the product protects the password is feasibably crackable.
Solution: Use the web site's ACL to deny access to the file adminusers.csv.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|