CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-1394

CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct request for the file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://securityreason.com/securityalert/3259
http://www.securityfocus.com/archive/1/313580
http://www.securityfocus.com/bid/6995
https://exchange.xforce.ibmcloud.com/vulnerabilities/11447
http://securityreason.com/securityalert/3259
http://www.securityfocus.com/archive/1/313580
http://www.securityfocus.com/bid/6995
https://exchange.xforce.ibmcloud.com/vulnerabilities/11447

Products affected by CVE-2003-1394

Coffeecup Software » Coffeecup Password Wizard » Version: Any

cpe:2.3:a:coffeecup_software:coffeecup_password_wizard:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1394

Products

Pricing

Contact Us