Description

WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.

Remediation

References

CVE-2001-1255

Related Vulnerabilities

Jboss EAP Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2016-4993)

WordPress Plugin Coming Soon Possible Remote Code Execution (1.1.3)

WordPress Plugin AccessPress Social Icons Multiple Cross-Site Scripting Vulnerabilities (1.5.5)

e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4920)

phpMyAdmin Other Vulnerability (CVE-2004-1147)

Severity

Medium

Classification

CVE-2001-1255

Tags

Missing Update Known Vulnerabilities