Description

WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.

Remediation

References

CVE-2001-1255

Related Vulnerabilities

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3835)

WordPress Plugin Social Media Share Buttons & Social Sharing Icons Cross-Site Scripting (1.1.1.11)

WordPress Plugin WP Private Message Insecure Direct Object Reference (1.0.5)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5278)

Severity

Medium

Classification

CVE-2001-1255

Tags

Missing Update Known Vulnerabilities