Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities by handsomeweb

    CVE-2014-3445 (GCVE-0-2014-3445)

    Vulnerability from cvelistv5 – Published: 2020-01-28 14:09 – Updated: 2024-08-06 10:43
    VLAI
    Summary
    backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2014-05-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:43:06.383Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/May/130"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/67644"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-05-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-28T14:09:12.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/May/130"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/67644"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-3445",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
                },
                {
                  "name": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/",
                  "refsource": "MISC",
                  "url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
                },
                {
                  "name": "http://seclists.org/fulldisclosure/2014/May/130",
                  "refsource": "MISC",
                  "url": "http://seclists.org/fulldisclosure/2014/May/130"
                },
                {
                  "name": "http://www.securityfocus.com/bid/67644",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/67644"
                },
                {
                  "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/",
                  "refsource": "MISC",
                  "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-3445",
        "datePublished": "2020-01-28T14:09:12.000Z",
        "dateReserved": "2014-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:43:06.383Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3445 (GCVE-0-2014-3445)

    Vulnerability from nvd – Published: 2020-01-28 14:09 – Updated: 2024-08-06 10:43
    VLAI
    Summary
    backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2014-05-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:43:06.383Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2014/May/130"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/67644"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-05-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-28T14:09:12.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/May/130"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/67644"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-3445",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.html"
                },
                {
                  "name": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/",
                  "refsource": "MISC",
                  "url": "http://sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/"
                },
                {
                  "name": "http://seclists.org/fulldisclosure/2014/May/130",
                  "refsource": "MISC",
                  "url": "http://seclists.org/fulldisclosure/2014/May/130"
                },
                {
                  "name": "http://www.securityfocus.com/bid/67644",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/67644"
                },
                {
                  "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/",
                  "refsource": "MISC",
                  "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-3445",
        "datePublished": "2020-01-28T14:09:12.000Z",
        "dateReserved": "2014-05-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:43:06.383Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }