CVE-2003-1383 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2003-1383

CWE

https://cwe.mitre.org/data/definitions/264.html

WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.

Affected Software

Name	Vendor	Start Version	End Version
Web_erp	Logicworks	*	0.1.4 (including)

References

http://securityreason.com/securityalert/3257
http://www.securityfocus.com/archive/1/313575
http://www.securityfocus.com/bid/6996
https://exchange.xforce.ibmcloud.com/vulnerabilities/11443
http://securityreason.com/securityalert/3257
http://www.securityfocus.com/archive/1/313575
http://www.securityfocus.com/bid/6996
https://exchange.xforce.ibmcloud.com/vulnerabilities/11443