CVE-2005-2192

SimplePHPBlog 0.4.0 - Info Disclosure

Title source: llm

Description

SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote attackers to obtain passwords via a brute force attack.

Exploits (1)

exploitdb WORKING POC

perlwebappsphp

https://www.exploit-db.com/exploits/1191

View Code ZIP pw:eip

References (2)

[Mailing List] http://marc.info/?l=bugtraq&m=112075901100640&w=2

[Third Party Advisory] http://secunia.com/advisories/15954

Scores

EPSS 0.0354

EPSS Percentile 87.7%

Details

Status published

Products (1)

alexander_palmo/simple_php_blog 0.4.0

Published Jul 11, 2005

Tracked Since Feb 18, 2026