member/settings_account.php in Octeth Oempro 3.5.5.1, and possibly other versions before 4, uses cleartext to transmit a password entered in the FormValue_Password field, which makes it easier for remote attackers to obtain sensitive information by sniffing the network, related to the "Settings - Account Information" tab.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-12-03T17:00:00

Updated: 2024-08-07T09:21:35.030Z

Reserved: 2008-07-07T00:00:00

Link: CVE-2008-3059

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2008-12-03T17:30:00.383

Modified: 2024-11-21T00:48:19.853

Link: CVE-2008-3059

cve-icon Redhat

No data.