4 matches found
CVE-2023-52286
Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/getdbinfo request, a related issue to CVE-2023-42387...
Design/Logic Flaw
Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/getdbinfo request, a related issue to CVE-2023-42387...
CVE-2023-52286
Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/getdbinfo request, a related issue to CVE-2023-42387...
CVE-2023-42387
CVE-2023-42387 describes an information disclosure in the TDSQL Chitu management platform (v.10.3.19.5.0). A remote attacker can obtain sensitive data via the get_db_info function in install.php. Public references in the provided documents tie this issue to an unauthenticated access path that exp...