Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2345 | Credentials Management vulnerability in Oracle Application Server 9.0.2 Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. | 7.5 |
| 2002-12-31 | CVE-2002-2310 | Credentials Management vulnerability in Kryptronic Clickcartpro 4.0 ClickCartPro 4.0 stores the admin_user.db data file under the web document root with insufficient access control on servers other than Apache, which allows remote attackers to obtain usernames and passwords. | 5.0 |
| 2002-12-31 | CVE-2002-2301 | Credentials Management vulnerability in Lawson Software Lawson Financials 8.0 Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database. | 3.3 |
| 2002-12-31 | CVE-2002-2290 | Credentials Management vulnerability in Mambo Site Server 4.0.11 Mambo Site Server 4.0.11 installs with a default username and password of admin, which allows remote attackers to gain privileges. | 10.0 |
| 1997-09-15 | CVE-1999-1214 | Credentials Management vulnerability in multiple products The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. | 2.1 |