header-logo
Suggest Exploit
vendor:
XAMPP
by:
SecurityFocus
7.5
CVSS
HIGH
Insecure Default Password Disclosure
259
CWE
Product Name: XAMPP
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

XAMPP Insecure Default Password Disclosure Vulnerability

XAMPP is vulnerable to an insecure default password disclosure vulnerability due to a failure of the application to properly secure access to default passwords. An attacker may leverage this issue to gain access to the default passwords for many utilities installed by the affected application, including the MySQL 'root' user, the phpMyAdmin 'pma' user, the FTP 'nobody' user and the Tomcat administrator.

Mitigation:

Users should ensure that all default passwords are changed to strong, unique passwords.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13131/info

An insecure default password disclosure vulnerability affects XAMPP. This issue is due to a failure of the application to properly secure access to default passwords.

An attacker may leverage this issue to gain access to the default passwords for many utilities installed by the affected application, including the MySQL 'root' user, the phpMyAdmin 'pma' user, the FTP 'nobody' user and the Tomcat administrator. 

http://www.example.com/xampp/security.php

Navigation

Suggest Exploit

Services By CQR