Related information

CGI bugs

IdeaBox: Remote Command Execution

Cross site scripting in Onecenter forum 4.0

Path disclosure and file access on WebAdmin

Multiple SQL injection on OpenBB forums

From:	JeiAr <jeiar_(at)_kmfms.com>
Date:	26.04.2003
Subject:	Invision Power Board Plaintext Password Disclosure Vuln

Invision Power Board Plaintext Password Disclosure Vuln
-------------------------------------------------------
Version: All?

Problem: Invision Power Board gives an admin the option
to create a pass protected forum. The problem with this
is that the password is then stored in the cookie fully
readable as it is shown in plaintext.

Credits: All credit goes to JeiAr of GulfTech Computers