Description

WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.

Remediation

References

CVE-2001-1255

Related Vulnerabilities

WordPress Plugin mklasen's Photobox Cross-Site Scripting (1.0)

OpenSSL Other Vulnerability (CVE-2015-0208)

WordPress Plugin Scriptless Social Sharing Cross-Site Scripting (3.2.1)

Drupal Core 5.x Session Fixation (5.0 - 5.19)

Drupal Core 8.4.x Remote Code Execution (8.4.0 - 8.4.5)

Severity

Medium

Classification

CVE-2001-1255

Tags

Missing Update Known Vulnerabilities