Information Disclosure Vulnerability in Epicor Enterprise 7.4
CVE-2014-4311 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection and email settings page.
Learn more about our Web Application Penetration Testing UK.