|
Family: CGI abuses --> Category: infos
PCCS-Mysql User/Password Exposure Vulnerability Scan
Vulnerability Scan Summary Checks for dbconnect.inc
Detailed Explanation for this Vulnerability Test
It is possible to read the include file of PCCS-Mysql,
dbconnect.inc on the remote server.
This include file contains information such as the
username and password used to connect to the database.
Solution:
Versions 1.2.5 and later are not vulnerable to this issue.
A workaround is to restrict access to the .inc file.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|