CVE-2013-2562

CVE-2013-2562

EPSS 0.5%

Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/108462/mambocms465-permdosdisclose.txt http://seclists.org/oss-sec/2013/q1/689 http://www.vapid.dhs.org/advisories/mambo_cms_4.6.5.html