[phpPgAdmin] Plaintext Password Vulnerability

Homer

Well-known member
phpPgAdmin is a freely available tool that provides a WWW interface for handling PostgreSQL adminstrative tasks. It is derived from phpMyAdmin, which is used for MySQL administrative tasks.

Authentication credentials for the database's standard user are stored in the configuration file of the phpPGAdmin tool. This information is stored in plaintext and may be viewed by local attackers.

This is only an issue when using phpPgAdmin's advanced authentication feature.
 
Back
Top