Plaintext Password Storage Vulnerability in aeNovo Products

Plaintext Password Storage Vulnerability in aeNovo Products

CVE-2005-3209 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.

Learn more about our Web Application Penetration Testing UK.