CVE-2006-5956

XLineSoft PHPRunner 3.1 stores the (1) database server name, (2) database names, (3) usernames, and (4) passwords in plaintext in %WINDIR%\PHPRunner.ini, which allows local users to obtain sensitive information by reading the file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:xlinesoft:phprunner:3.1:*:*:*:*:*:*:*

History

21 Nov 2024, 00:21

Type Values Removed Values Added
References () http://lostmon.blogspot.com/2006/11/phprunner-database-credentials.html - () http://lostmon.blogspot.com/2006/11/phprunner-database-credentials.html -
References () http://secunia.com/advisories/22863 - () http://secunia.com/advisories/22863 -
References () http://securitytracker.com/id?1017218 - () http://securitytracker.com/id?1017218 -
References () http://www.osvdb.org/30363 - () http://www.osvdb.org/30363 -
References () http://www.securityfocus.com/bid/21054 - () http://www.securityfocus.com/bid/21054 -

Information

Published : 2006-11-17 00:07

Updated : 2024-11-21 00:21


NVD link : CVE-2006-5956

Mitre link : CVE-2006-5956

CVE.ORG link : CVE-2006-5956


JSON object : View

Products Affected

xlinesoft

  • phprunner