CVE-2004-2578
PhpGroupWare before 0.9.16.002 transmits the (1) admin header and (2) setup passwords in plaintext via cookies, allowing remote attackers to sniff passwords over the network. The issue is documented with CVSS v2 base score 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N). Concrete affected product/component: Php...