GetDataBack for NTFS 2.31 stores the username and license key in plaintext in the Name value in the License registry key, which may allow local users to obtain sensitive information.

admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter.