Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
2014-06-09T19:55:09.083
2025-04-12T10:46:40.837
Deferred
CVSSv2: 2.1 (LOW)
AV:L/AC:L/Au:N/C:P/I:N/A:N
3.9
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | mambo-foundation | mambo_cms | 4.6.5 | Yes |