CVE-2005-4219

setting.php in Innovative CMS ICMS, formerly Imoel-CMS contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be...

CVE-2005-4219

CVE-2005-4219 affects Innovative CMS (ICMS, formerly Imoel-CMS). The setting.php page reportedly returns cleartext username and password information, potentially allowing an attacker to obtain credentials via a direct request. The NVD entry assigns a base CVSS v2 of 5.0 (Medium): Attack Vector Ne...

imoelPassword.txt

IMOEL CMS has the weakness to download the plain text sql password in the setting.php file / $setting'host''username' = 'sqlusername'; $setting'host''password' = 'sqlpassword'; so u can download the setting.php file & view the plain text password as the default imoel cms set the administrator use...

IMOEL CMS Sql password discovery

IMOEL CMS has the weakness to download the plain text sql password in the setting.php file / $setting'host''username' = 'sqlusername'; $setting'host''password' = 'sqlpassword'; so u can download the setting.php file & view the plain text password as the default imoel cms set the administrator use...