Authentication Bypass Vulnerability in SmarterStats Web Server by SmarterTools
CVE-2011-2155

Currently unrated

Key Information:

Vendor

Smartertools

Status
Smarterstats
Vendor
CVE Published:
20 May 2011

What is CVE-2011-2155?

The SmarterStats 6.0 web server contains a vulnerability in its login form, specifically in the Login.aspx page, where the password field does not have the autocomplete feature disabled. This oversight allows attackers to exploit unattended workstations, potentially bypassing authentication measures and gaining unauthorized access. Users who leave their sessions open on shared or public computers are especially at risk, as sensitive information can be exposed through this flaw.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://xss.cx/examples/smarterstats-60-oscommandinjection...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/67827
vdb-entryx_refsource_XF
http://xss.cx/examples/exploits/stored-reflected-xss-cwe7...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.