CVE-2006-0314 | Vulnerability Database | Aqua Security

PDFdirectory before 1.0 stores sensitive data in plaintext, which allows remote attackers to obtain arbitrary users passwords by direct queries to the database, possibly via one of the SQL injection vulnerabilities.

Affected Software

Name	Vendor	Start Version	End Version
Pdfdirectory	Pdfdirectory	0.2.2 (including)	0.2.2 (including)
Pdfdirectory	Pdfdirectory	0.2.3 (including)	0.2.3 (including)
Pdfdirectory	Pdfdirectory	0.2.4 (including)	0.2.4 (including)
Pdfdirectory	Pdfdirectory	0.2.5 (including)	0.2.5 (including)
Pdfdirectory	Pdfdirectory	0.2.6 (including)	0.2.6 (including)
Pdfdirectory	Pdfdirectory	0.2.7 (including)	0.2.7 (including)
Pdfdirectory	Pdfdirectory	0.2.8 (including)	0.2.8 (including)
Pdfdirectory	Pdfdirectory	0.2.9 (including)	0.2.9 (including)
Pdfdirectory	Pdfdirectory	0.2.10 (including)	0.2.10 (including)
Pdfdirectory	Pdfdirectory	0.2.11 (including)	0.2.11 (including)

References

http://sourceforge.net/project/shownotes.php?release_id=382411\u0026group_id=122682
http://www.osvdb.org/22402
http://sourceforge.net/project/shownotes.php?release_id=382411\u0026group_id=122682
http://www.osvdb.org/22402

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-0314
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html