oss-sec mailing list archives
CVE-request: phpMyFAQ default password 1.3.2
From: Henri Salo <henri () nerv fi>
Date: Thu, 10 May 2012 10:39:30 +0300
This is very old issue from 2003 without CVE-identifier. Description: By default, phpMyFAQ installs with a default password. An unspecified account has an unspecified password which is publicly known and documented. This allows attackers to trivially access the program or system and gain privileged access. http://osvdb.org/show/osvdb/81714 http://www.phpmyfaq.de/changelog.php Is there a general CVE-identifier for issues like default password, which I think would be OK in case like this? If user upgraded installation from old version to new this was not fixed in the process. - Henri Salo
Current thread:
- CVE-request: phpMyFAQ default password 1.3.2 Henri Salo (May 10)
- Re: CVE-request: phpMyFAQ default password 1.3.2 Kurt Seifried (May 10)