Lucene search

K

MitreCVELIST:CVE-2009-0964

HistoryMar 19, 2009 - 10:00 a.m.

CVE-2009-0964

2009-03-1910:00:00

mitre

www.cve.org

2

0.005 Low

EPSS

Percentile

76.6%

UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the database, which allows attackers to gain privileges. NOTE: this can be leveraged with a separate SQL injection vulnerability to obtain passwords remotely without authentication.

References

osvdb.org/52804

www.bugreport.ir/index_63.htm

www.securityfocus.com/archive/1/501894/100/0/threaded

www.vupen.com/english/advisories/2009/0750

exchange.xforce.ibmcloud.com/vulnerabilities/49279

www.exploit-db.com/exploits/8226

0.005 Low

EPSS

Percentile

76.6%

Related for CVELIST:CVE-2009-0964

cve1 prion1 nvd1 seebug1