When accessing the install.php
script it is possible to extract any pre-configured database or default admin account password by viewing the source of the page, and inspecting the value
property of the password fields.
CPE | Name | Operator | Version |
---|---|---|---|
silverstripe/framework | lt | 4.0.1 |