Sensitive Information Disclosure in WEB-ERP 0.1.4 and Earlier

Sensitive Information Disclosure in WEB-ERP 0.1.4 and Earlier

CVE-2003-1383 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.