Disputed / BOGUS

Zend Framework SQL Configuration-File disclosure

Published
Credit
Risk
2012.08.26
W4n73d
Low
CWE
CVE
Local
Remote
N/A
N/A
No
Yes


[+] Vulnerability: Zend Framework SQL Configuration-File disclosure
[-]
[+] Author: W4n73d openforce[at]live[dot]com
[-]
[-]
[+] Vendor: framework.zend.com
[+] Version: 1.x.x
[-]
[-]
[+] PoC: www.whatever.br/application/configs/application.ini
[-]
[+] EX:
//
params.username = "root"
params.password = "myleetpass"
//
[-]
[+] Date: 25. Ago. 2012. Brazil.

References:

http://framework.zend.com/


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com