Skip to main content

Credentials Management Errors

CVE-2008-5847

Severity Low
Score 2.6/10

Summary

Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.

  • HIGH
  • NETWORK
  • NONE
  • NONE
  • PARTIAL
  • NONE

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

References

Advisory Timeline

  • Published