CVE-2003-1454

Description

Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.

Affected products

• invision_power_services / invision_board1.0 – 1.0
• invision_power_services / invision_board1.0.1 – 1.0.1
• invision_power_services / invision_board1.1.1 – 1.1.1

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/11871
• MISChttp://www.securityfocus.com/bid/7440
• MISChttp://www.securityfocus.com/archive/1/319747
• MISChttp://securityreason.com/securityalert/3276