Stored Passwords in Links Vulnerability in StepWeb Search Engine (SWS) 2.5

Stored Passwords in Links Vulnerability in StepWeb Search Engine (SWS) 2.5

CVE-2002-0537 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.

Learn more about our Web App Pen Testing.