Full title: CollectorStealerBuilder Panel 2.0.0 Insecure Credential Storage Vulnerability 
Category: web applications
Platform: php
The panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database username passwords without having to crack them offline.

# 0day.today @ http://0day.today/