|
Family: General --> Category: infos
PHP-Nuke sql_debug Information Disclosure Vulnerability Scan
Vulnerability Scan Summary Make a request like http://www.example.com/?sql_debug=1
Detailed Explanation for this Vulnerability Test
In PHP-Nuke, the sql_layer.php script contains a debugging feature
that may be used by attackers to disclose sensitive information about all SQL
queries.
Access to the debugging feature is not restricted to administrators.
Solution : Add '$sql_debug = 0
' in config.php.
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|