Full title: Ncentral 8.x Insecure Access / Unsalted Passwords / CSRF Vulnerabilities 
Category: web applications
Platform: php
Ncentral versions 8.0.x through 8.2.0-1152 suffer from insecure SOAP access that leads to an unprivileged SSH session, poor trust based authentication leading to database compromise, plain text password storage, cross site request forgery, and other vulnerabilities.

# 0day.today @ http://0day.today/