PT-2000-1640 · Pccs · Pccs Mysqldatabase Admin Tool Manager
Published
2000-10-20
·
Updated
2024-02-14
·
CVE-2000-0707
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
PCCS MySQLDatabase Admin Tool Manager versions 1.2.4 and earlier
Description
The issue allows remote attackers to obtain sensitive information, such as the administrative password, because the file dbconnect.inc is installed within the web root.
Recommendations
For versions 1.2.4 and earlier, consider relocating the dbconnect.inc file outside of the web root to prevent unauthorized access.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Pccs Mysqldatabase Admin Tool Manager