CVE-2006-5956 Information

Description

XLineSoft PHPRunner 3.1 stores the (1) database server name (2) database names (3) usernames and (4) passwords in plaintext in WINDIR\PHPRunner.ini which allows local users to obtain sensitive information by reading the file.

Reference

http://lostmon.blogspot.com/2006/11/phprunner-database-credentials.html http://secunia.com/advisories/22863 http://securitytracker.com/id?1017218 http://www.osvdb.org/30363 http://www.securityfocus.com/bid/21054