Dima
Nov 17, 2018 1:13:10 PM

SECURITY: bug in login form exposes password in plain text

The login form does not specify a method of POST and thus defaults to GET.

On login failure, the username and password are appended to the URL as GET parameters, exposing plaintext username and password to: browser history, web server log, proxy server log, DNS server log, etc.
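One way to catch this class of bug before release is to scan rendered pages for forms that carry a password field but would submit with GET. The script below is an added example and not part of the original post or the vendor's code; the class name, function name and sample markup are assumptions made for illustration.

```python
from html.parser import HTMLParser

class LoginFormAuditor(HTMLParser):
    """Flag forms that contain a password field and would be submitted with GET."""

    def __init__(self):
        super().__init__()
        self.findings = []   # (action, declared method) for each risky form
        self._form = None    # state of the <form> currently open, if any

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").strip() for k, v in attrs}
        if tag == "form":
            self._flush()    # tolerate a previous form that was never closed
            self._form = [a.get("action", ""), a.get("method", "").lower(), False]
        elif tag == "input" and self._form and a.get("type", "").lower() == "password":
            self._form[2] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._flush()

    def _flush(self):
        if self._form:
            action, method, has_password = self._form
            # Per the HTML spec, a missing or unrecognised method means GET.
            effective = method if method in ("post", "dialog") else "get"
            if has_password and effective == "get":
                self.findings.append((action, method))
        self._form = None

def audit_html(html):
    """Return (action, declared method) for every password form that uses GET."""
    parser = LoginFormAuditor()
    parser.feed(html)
    parser.close()
    parser._flush()          # report a form left open at end of input
    return parser.findings

# Constructed sample markup, not taken from the product discussed in the thread.
SAMPLE = """
<form action="/login"><input name="user"><input type="password" name="pass"></form>
<form action="/login2" method="POST"><input type="password" name="pass"></form>
<form action="/search"><input type="text" name="q"></form>
"""

if __name__ == "__main__":
    for action, method in audit_html(SAMPLE):
        print(f"password form -> {action!r} submits via GET (method={method or 'not set'})")
```

The check does not account for a `formmethod` attribute on a submit button, which can override the form's own method.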



Synametrics support engineer
Nov 28, 2018 7:57:55 AM

SECURITY: bug in login form exposes password in plain text

Dima,

Thank you for letting us know about this. It will be fixed in the next update.
