CVE-2010-0616

Name of the Vulnerable Software and Affected Versions evalSMSI version 2.1.03

Description The issue allows attackers with database access to gain privileges by leveraging stored passwords in cleartext. Remote attack vectors are possible by leveraging a separate SQL injection vulnerability.

Recommendations For evalSMSI version 2.1.03, consider updating the password storage mechanism to a more secure method, such as hashing and salting, to prevent unauthorized access. As a temporary workaround, restrict database access to minimize the risk of exploitation. Additionally, address the separate SQL injection vulnerability to prevent remote attacks.