|
|
Vulnerability: Plaintext Vulnerability Description: All of the data in this database is stored in plain text (not encrypted), including usernames, passwords, credit card numbers, addresses, etc. Many times the database is placed into a web accessible folder (by default) Exploit: None Required Solution: The developer needs to implement some type of encryption standard in order to protect the data stored in the database. Credit: CyberArmy Application and Code Auditing Team Parag0d The developer was contacted about this matter, but never gave any response