CVE-2010-0616
EvalSMSI 2.1.03 stores passwords in cleartext in the database, enabling privilege escalation for DB-authenticated attackers; remote vector is possible via a separate SQL injection vulnerability. Affected component: evalSMSI (2.1.03). Root cause: insecure password storage combined with an external...