World-readable permissions on configuration.php in Mambo CMS 4.6.5 allows local users to obtain admin password hash

World-readable permissions on configuration.php in Mambo CMS 4.6.5 allows local users to obtain admin password hash

CVE-2013-2563 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.

Learn more about our Cms Pen Testing.