66 matches found
keepassx: information disclosure
It was found that XML export function creates hidden XML file containing user passwords in plaintext without warning, when the export is canceled, which may go unnoticed by the user. In this case the password database was exported as the file .xml in the current working directory often $HOME or t...
CVE-2014-8598
CVE-2014-8598 affects MantisBT 1.2.x via the XML Import/Export plugin, which could allow unauthorized attackers to upload arbitrary XML files or obtain sensitive information due to insufficient access restrictions. This is explicitly stated in connected documents as part of multiple vulnerabiliti...
CVE-2003-1447
IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm XOR and base64 encoding, which allows local users to decrypt passwords when the configuration file is exported to XML...
CVE-2004-1634
showbug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information...
CVE-2003-1447
IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm XOR and base64 encoding, which allows local users to decrypt passwords when the configuration file is exported to XML...
Security update 1970-01-01
...