CVE-2013-2562

CVE-2013-2562

EPSS 0.5%

Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/108462/mambocms465-permdosdisclose.txt http://seclists.org/oss-sec/2013/q1/689 http://www.vapid.dhs.org/advisories/mambo_cms_4.6.5.html