2005-06-28 04:00:00
mitre
PUBLISHED
phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie, which allows remote attackers to retrieve the administrative password.