RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Rivettracker |
Rivetcode |
0.1 |
0.1 |
Rivettracker |
Rivetcode |
* |
0.8 |
References