Sensitive Information Disclosure in IBM Net.Data
CVE-2003-1282 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form.
Learn more about our Web App Pen Testing.