Описание
The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.
Ссылки
- ExploitVendor Advisory
- Exploit
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 0.9.5 (включая)
cpe:2.3:a:alternc:alternc:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02339
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.
EPSS
Процентиль: 85%
0.02339
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other