2 matches found
CVE-2008-5847
Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column...
CVE-2008-5847
CVE-2008-5847 affects Constructr CMS up to version 3.02.5, where passwords are stored in cleartext in a MySQL database. The underlying issue is insecure password storage (cleartext in the hash column), enabling context-dependent attackers to read sensitive password information from the database. ...