Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
References
Configurations
History
21 Nov 2024, 01:51
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/108462/mambocms465-permdosdisclose.txt - Exploit | |
References | () http://seclists.org/oss-sec/2013/q1/689 - | |
References | () http://www.vapid.dhs.org/advisories/mambo_cms_4.6.5.html - Exploit |
Information
Published : 2014-06-09 19:55
Updated : 2024-11-21 01:51
NVD link : CVE-2013-2562
Mitre link : CVE-2013-2562
CVE.ORG link : CVE-2013-2562
JSON object : View
Products Affected
mambo-foundation
- mambo_cms
CWE
CWE-255
Credentials Management Errors