Sensitive Information Disclosure in Shoutbox SCRIPT 3.0.2 and Earlier
CVE-2005-1220 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes.
Learn more about our User Device Pen Test.