4 matches found
Design/Logic Flaw
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error such as "Too many connections" has occurred...
CVE-2018-7251
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error such as "Too many connections" has occurred...
CVE-2018-7251
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error such as "Too many connections" has occurred...
CVE-2018-7251
Anchor CMS 0.12.3 is vulnerable due to an error in config/error.php that exposes an errors.log URI. The log can contain MySQL credentials when errors occur (e.g., Too many connections), enabling information disclosure. Affected component: error logging; impact: credential exposure. Remediation: u...