Дополнительная информация

Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl)

Akarru v0.4.3.34 - Remote File Include Vulnerabilities

Shadow Prémod <= 2.7.1 [phpbb_root_path] Remote File Include Vulnerability

BinGo News <= v3.01 (bnrep) Remote File Inclusion Exploit

[SA21779] Drupal Pathauto Module Cross-Site Scripting Vulnerability

From:	revnic_(at)_gmail.com <revnic_(at)_gmail.com>
Date:	5 сентября 2006 г.
Subject:	Web Dictate Admin Null Password Vulnerability

Web Dictate Admin Null Password Vulnerability

Software: Web Dictate
Version: 1.02
Website: http://nchsoftware.com/

Description:
Web Dictate is a dictation system that lets you record, edit and manage dictation over the internet. You, and other users, log into a server running Web Dictate to record dictation with any ordinary web browser.

Vulnerability:
After assigning a password for the Admin account, it is possible to login as Admin with a null password.

Credit:
Discovered by Revnic Vasile