CVE-2002-0537 Information

Description

The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-04/0148.html http://www.iss.net/security_center/static/8849.php http://www.securityfocus.com/bid/4503