NuytsTech Security

CVE-2017-9615

by ·

Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file.

Date published : 2017-06-26

http://cognito.co.nz/mwcommunity/viewtopic.php?f=1&t=3542

https://gist.github.com/ari/e0dd74c12d84f102e3bcb365118e8c30

Tags: