CVE-2010-0616

N/A Unknown

Published: February 11, 2010 Modified: April 29, 2026

Description

evalSMSI 2.1.03 stores passwords in cleartext in the database, which allows attackers with database access to gain privileges. NOTE: remote attack vectors are possible by leveraging a separate SQL injection vulnerability.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://packetstormsecurity.org/1002-exploits/corelan-10-008-evalmsi.txt

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/38478

Source: cve@mitre.org

Vendor Advisory

http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-008-evalmsi-2-1-03-multiple-vulnerabilities/

Source: cve@mitre.org

http://www.osvdb.org/62180

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/509370/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/38116

Source: cve@mitre.org

Exploit

http://packetstormsecurity.org/1002-exploits/corelan-10-008-evalmsi.txt