Sensitive Information Disclosure in WEB-ERP 0.1.4 and Earlier
CVE-2003-1383 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.