RSS   Vulnerabilities for 'Ezradius'   RSS

2008-04-11
 
CVE-2008-1752

CWE-200
 

 
ezRADIUS 0.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials via a direct request for (1) config.ini or (2) database.ini. NOTE: some of these details are obtained from third party information.

 


Copyright 2021, cxsecurity.com

 

Back to Top