NuytsTech Security

CVE-2010-0616

by ·

evalSMSI 2.1.03 stores passwords in cleartext in the database, which allows attackers with database access to gain privileges. NOTE: remote attack vectors are possible by leveraging a separate SQL injection vulnerability.

Date published : 2010-02-11

http://www.securityfocus.com/bid/38116

http://www.securityfocus.com/archive/1/509370/100/0/threaded

Tags: