Reported January 9, 2002, by Chris Lathem.
Nevrona MiraMail 1.4 for Windows
A vulnerability exists in Nevrona MiraMail 1.4 because the system stores all account information and variables that it uses in .ini files in plain text. Any user with access to these .ini files can steal or modify account information, passwords, and groups with impunity.
The vendor, Nevrona Designs, has been notified and will issue version 1.5., which will encrypt the vulnerable .ini files.