WARNING! Fake news / Disputed / BOGUS

Zend Framework SQL Configuration-File disclosure

2012.08.26
Credit: W4n73d
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

[+] Vulnerability: Zend Framework SQL Configuration-File disclosure [-] [+] Author: W4n73d openforce[at]live[dot]com [-] [-] [+] Vendor: framework.zend.com [+] Version: 1.x.x [-] [-] [+] PoC: www.whatever.br/application/configs/application.ini [-] [+] EX: // params.username = "root" params.password = "myleetpass" // [-] [+] Date: 25. Ago. 2012. Brazil.

References:

http://framework.zend.com/


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top