PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
Link | Tags |
---|---|
http://www.securityfocus.com/bid/1557 | vdb entry patch vendor advisory |
http://archives.neohapsis.com/archives/bugtraq/2000-08/0015.html | mailing list patch vendor advisory |
http://pccs-linux.com/public/view.php3?bn=agora_pccslinux&key=965951324 | url repurposed |