CVE-2010-0124 Information

Description

Employee Timeclock Software 0.99 places the database password on the mysqldump command line which allows local users to obtain sensitive information by listing the process.

Reference

http://secunia.com/advisories/38739 http://secunia.com/secunia_research/2010-12/ http://www.osvdb.org/62830 http://www.securityfocus.com/archive/1/509996/100/0/threaded http://www.securityfocus.com/bid/38642 https://exchange.xforce.ibmcloud.com/vulnerabilities/56800