Unrated severityNVD Advisory· Published Jan 28, 2020· Updated Aug 6, 2024

CVE-2014-3445

Description

backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

HandsomeWeb/SOS Webpagesdescription
Soswebpages/SOS Webpagesllm-create
Range: <1.1.12

Patches

Vulnerability mechanics

References

packetstormsecurity.com/files/126844/HandsomeWeb-SOS-Webpages-1.1.11-Backup-Hash-Disclosure.htmlmitrex_refsource_MISC
seclists.org/fulldisclosure/2014/May/130mitrex_refsource_MISC
sourceforge.net/projects/soswebpages/files/SOS%20Webpages/SOS%20Webpages%201.1.12/mitrex_refsource_MISC
www.securityfocus.com/bid/67644mitrex_refsource_MISC
www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3445/mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000