CVE-2000-0707 - PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the w

CVE-2000-0707

Summary

PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.

References

Vulnerable Configurations

cpe:2.3:a:pccs-linux:mysqldatabase_admin_tool:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pccs-linux:mysqldatabase_admin_tool:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:pccs-linux:mysqldatabase_admin_tool:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:pccs-linux:mysqldatabase_admin_tool:1.2.4:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 14-02-2024 - 01:17)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	1557
bugtraq	20000804 PCCS MySQL DB Admin Tool v1.2.3- Advisory
confirm	http://pccs-linux.com/public/view.php3?bn=agora_pccslinux&key=965951324
xf	pccs-mysql-admin-tool

Last major update

14-02-2024 - 01:17

Published

20-10-2000 - 04:00

Last modified

14-02-2024 - 01:17