[] NeoSense
E X P L O I T S
title author type platform port cve id

SAFE TEAM Regulus 2.2 - 'Custchoice.php' Update Your Password Action Information Disclosure

Author: masud_libra
type: webapps
platform: php
port: 
date_added: 2004-09-07 
date_updated: 2013-03-05 
verified: 1 
codes: OSVDB-9821 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/11133/info

Regulus is reported prone to an information disclosure vulnerability. It is reported that a specified user/customer password hash is contained in a hidden tag of the 'Update Your Password' action page.

An attacker may employ data that is obtained in this manner to aid in further attacks launched against the vulnerable software.

This vulnerability is reported to affect all versions of SAFE TEAM Regulus.

http://example.com/base-dir/htmlcust/custchoice.php?lang=English&userid=<name>&action=To update your password

Where '<name>' is the target username.
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.