Vulnerabilities

CVE-2008-1567

by Fred · 31/03/2008

phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.

Date published : 2008-03-31

http://www.securityfocus.com/bid/28560

http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2

Related

Tags: Cybersecurity Alert