1002 matches found
CVE-2003-0329
CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges...
CVE-2002-1479
Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...
CVE-2002-1479
Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges...
PT-2003-1215 · Cacti · Cacti
Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 0.6.8 Description: The issue allows local users to access a MySQL username and password stored in plaintext in the config.php file, which has world-readable permissions. This could enable users to modify databases as t...
EZ Publish 2.2.73.0 - site.ini Information Disclosure
EZ Publish 2.2.73.0 - site.ini Information Disclosure source: https://www.securityfocus.com/bid/7347/info eZ Publish has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying site.ini configuration file. The file...
Web Wiz Site News 3.6 - Information Disclosure
Web Wiz Site News 3.6 - Information Disclosure source: https://www.securityfocus.com/bid/7341/info Web Wiz Site News has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the...
Web Wiz Site News 3.6 - Information Disclosure
source: https://www.securityfocus.com/bid/7341/info Web Wiz Site News has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Site News appplication. Site News administration...
Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure
Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure source: https://www.securityfocus.com/bid/7328/info Ocean12 Guestbook Manager has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file...
Ocean12 ASP Guestbook Manager 1.0 - Information Disclosure
source: https://www.securityfocus.com/bid/7328/info Ocean12 Guestbook Manager has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Guestbook Manager. Guestbook...
CuteCast 1.2 - User Credential Disclosure
CuteCast 1.2 - User Credential Disclosure source: https://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext...
CuteCast 1.2 - User Credential Disclosure
source: https://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext credentials...
CVE-2002-0933
Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks...
CVE-2002-0345
Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges...
CVE-2000-0087
Netscape Mail Notification nsnotify utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext...
CVE-2001-1336
CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges...
CVE-2001-0768
GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file...
CVE-2001-0768
GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file...
CVE-1999-1344
AutoFTP.pl script in AutoFTP 0.2 stores usernames and passwords in plaintext in the autoftp.conf configuration file...
CVE-2000-1199
PostgreSQL stores usernames and passwords in plaintext in 1 pgshadow and 2 pgpwd, which allows attackers with sufficient privileges to gain access to databases...
CVE-2001-1336
CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, which allows attackers to gain privileges...