2 matches found
CVE-2004-1228
The CVE-2004-1228 entry concerns SugarCRM Sugar Sales 2.0.1c and earlier, where install scripts are not removed after installation. This leaves the MySQL administrative password exposed in cleartext via an installation form and can also enable denial of service by resetting database settings to d...
CVE-2004-1228
The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default...