2 matches found
CVE-2006-6974
Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers to 1 list files in the includes/ directory; obtain the SQL username and password via a direct request for 2 config.php and 3 config.php.bak in includes/; rea...
CVE-2006-6974
The CVE-2006-6974 entry concerns Headstart Solutions DeskPRO, where sensitive data is stored under the web root with insufficient access control. According to the sources, an attacker can directly request various files in includes/ (config.php, config.php.bak, and other includes/), read files in ...