CVE-2006-0314 Information

Description

PDFdirectory before 1.0 stores sensitive data in plaintext which allows remote attackers to obtain arbitrary users’ passwords by direct queries to the database possibly via one of the SQL injection vulnerabilities.

Reference

http://sourceforge.net/project/shownotes.php?release_id=382411&group_id=122682 http://www.osvdb.org/22402