← CVECheck
HomeVulnerabilities

CVE-2003-1401 — MEDIUM severity vulnerability (login.php in php-Board 1.0 stores plaintext passwords in $us)

login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request.

CVE IDCVE-2003-1401
SeverityMEDIUM
CVSS score5.8
CVSS vectorAV:N/AC:M/Au:N/C:P/I:P/A:N
CWECWE-255
StatusModified
Published2003-12-31
Last modified2026-04-16
Descriptionlogin.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →