Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MAMBO-MYSQL-INF-DISCLOSURE
Severity	Minor
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Mambo MySQL Database Info Disclosure
Release Date	2014/09/29
Update Number	2424
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Mambo MySQL Database Info Disclosure

Mambo CMS is prone to a password disclosure vulnerability. Local attackers can exploit this issue to disclose sensitive information.

Extended Description

Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.

Affected Products

Mambo-foundation mambo_cms 4.6.5

References

BugTraq: 58577
CVE: CVE-2013-2562

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Mambo MySQL Database Info Disclosure

Extended Description

Affected Products

References