Vulnerabilities > CVE-2000-0707 - Unspecified vulnerability in Pccs-Linux Mysqldatabase Admin Tool 1.2.3/1.2.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN pccs-linux
nessus
Summary
PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Nessus
| NASL family | CGI abuses |
| NASL id | PCCSMYSQLADM.NASL |
| description | It is possible to read the include file of PCCS-Mysql, dbconnect.inc on the remote server. This include file contains information such as the username and password used to connect to the database. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 10783 |
| published | 2001-10-16 |
| reporter | This script is Copyright (C) 2001-2018 Alert4Web.com |
| source | https://www.tenable.com/plugins/nessus/10783 |
| title | PCCS-Mysql User/Password Exposure |