Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ApacheFriends XAMPP信任管理漏洞
Vulnerability Description
XAMPP是一个易于安装的Apache web服务器集成包(MySQL和PHP,Perl中,FTP服务器和phpMyAdmin),并支持各种操作系统包括:Linux,Solaris,Windows和Mac OS X。 XAMPP安装了多个具有非安全默认密码的程序包,这会使远程攻击者易于可以借助(1)included ProFTPD安装程序中的"nobody"帐户的"lampp"默认密码(2)included MySQL安装程序中的"根"账户的一个空白默认密码,(3)phpMyAdmin的安装程序中的"pm
CVSS Information
N/A
Vulnerability Type
N/A