| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 4 Dec 2003 06:08:08 -0000 From: <parag0d@...eaker.net> To: bugtraq@...urityfocus.com Subject: Plaintext Vulnerability in Alan Ward Acart Vulnerability: Plaintext Vulnerability Description: All of the data in this database is stored in plain text (not encrypted), including usernames, passwords, credit card numbers, addresses, etc. Many times the database is placed into a web accessible folder (by default) Exploit: None Required Solution: The developer needs to implement some type of encryption standard in order to protect the data stored in the database. Credit: CyberArmy Application and Code Auditing Team Parag0d The developer was contacted about this matter, but never gave any response
Powered by blists - more mailing lists