2 matches found
CVE-2004-2353
BugPort prior to 1.099 stores its configuration file (conf/config.conf) under the web document root with an unparsed file extension, enabling remote disclosure of sensitive information. Affected product: BugPort (versions before 1.099). Root cause: sensitive config file placed in a location serve...
CVE-2004-2353
BugPort before 1.099 stores its configuration file conf/config.conf under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information...