XLineSoft PHPRunner 3.1 stores the (1) database server name, (2) database names, (3) usernames, and (4) passwords in plaintext in %WINDIR%\PHPRunner.ini, which allows local users to obtain sensitive information by reading the file.
References
Configurations
History
21 Nov 2024, 00:21
Type | Values Removed | Values Added |
---|---|---|
References | () http://lostmon.blogspot.com/2006/11/phprunner-database-credentials.html - | |
References | () http://secunia.com/advisories/22863 - | |
References | () http://securitytracker.com/id?1017218 - | |
References | () http://www.osvdb.org/30363 - | |
References | () http://www.securityfocus.com/bid/21054 - |
Information
Published : 2006-11-17 00:07
Updated : 2024-11-21 00:21
NVD link : CVE-2006-5956
Mitre link : CVE-2006-5956
CVE.ORG link : CVE-2006-5956
JSON object : View
Products Affected
xlinesoft
- phprunner
CWE