DWebPro 3.4.1 - Http.ini Plaintext Password Storage

source: https://www.securityfocus.com/bid/8438/info A vulnerability has been reported to exist in the DWebPro web server software. This problem allows an attacker to view database authentication credentials by accessing a plain text file named 'http.ini'. An attacker will require read access to...