Plaintext Password Storage Vulnerability in aeNovo Products
CVE-2005-3209 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.
Learn more about our Web Application Penetration Testing UK.