Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dialogic PowerMedia XMS 管理控制台安全漏洞
Vulnerability Description
Dialogic PowerMedia XMS是美国Dialogic公司的一套用于实时通信的软件多媒体服务器,它能够为IMS、MRF、企业和WebRTC应用程序提供实时多媒体通信解决方案。 Dialogic PowerMedia XMS 3.5 SU2之前版本中的管理控制台的/var/www/xms/application/controllers/verifyLogin.php文件存在安全漏洞,该漏洞源于程序将密码存储为明文形式。远程攻击者可利用该漏洞访问明文形式的用户密码。
CVSS Information
N/A
Vulnerability Type
N/A