Vulnerabilities > CVE-2010-0124 - Credentials Management vulnerability in Timeclock-Software Employee Timeclock Software 0.99
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |