172 matches found
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
Information disclosure
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
CVE-2008-1567
CVE-2008-1567 affects phpMyAdmin; version prior to 2.11.5.1 stores the MySQL username, password, and the Blowfish secret key in cleartext in a Session file under /tmp, enabling local users to obtain sensitive information. Connected advisories show patches upgrading to phpMyAdmin 2.11.9.4 (e.g., o...
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
CVE-2008-1567
phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...
PT-2008-3126 · Mysql Server · Phpmyadmin
Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions prior to 2.11.5.1 Description: The issue allows local users to obtain sensitive information, including the MySQL username, password, and the Blowfish secret key, which are stored in cleartext in a Session file under /tmp...
CVE-2006-6596
HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session HAW file, which can be automatically opened using Internet Explorer...
Grep with web vulnerability discovery-vulnerability warning-the black bar safety net
Grep with web vulnerability mining Text/SuperHeiAtph4nt0m.org 2006-03-08 a. The following grephttp://www.interlog.com/tcharron/grep.htmldoes not support the-r parameter,you can use the following format: grep-in "\include|require\" C:\test\. php C:\test\admin\. php You can also use cygwin...
[SA19211] CGI::Session Insecure Default Session File Permissions
TITLE: CGI::Session Insecure Default Session File Permissions SECUNIA ADVISORY ID: SA19211 VERIFY ADVISORY: http://secunia.com/advisories/19211/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CGI::Session 4.x http://secunia.com/product/8688/...
moodle142.txt
+------------------------------------------------------------------------------+ | | | Multiple Vulnerabilities in Moodle | | ================================== | | | | Author: Bartek Nowotarski | | Published: 2004-12-27 |...
CVE-2004-1425
Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. dot dot in the file parameter...