Gplhost: >> Domain Technologie Control >> 0.32.7 Security Vulnerabilities
The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
CVSS Score
5.0
EPSS Score
0.008
Published
2011-03-07
shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote authenticated users to delete arbitrary accounts via the edssh_account parameter in a deletesshaccount Delete action.
CVSS Score
4.0
EPSS Score
0.012
Published
2011-03-07
Page 2