World-readable permissions on configuration.php in Mambo CMS 4.6.5 allows local users to obtain admin password hash
CVE-2013-2563 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
Learn more about our Cms Pen Testing.