Family: CGI abuses --> Category: infos
PCCS-Mysql User/Password Exposure Vulnerability Scan
Vulnerability Scan Summary
Checks for dbconnect.inc
Detailed Explanation for this Vulnerability Test
It is possible to read the include file of PCCS-Mysql,
dbconnect.inc on the remote server.
This include file contains information such as the
username and password used to connect to the database.
Versions 1.2.5 and later are not vulnerable to this issue.
A workaround is to restrict access to the .inc file.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.