Description

One or more database connection strings were found. The connection strings may include attributes such as the name of the driver, server and database, as well as security information such as user name and password.

Remediation

Restrict access to these file(s) or restrict the disclosure of this connection string .

References

Database Connection String Detected | Invicti

Related Vulnerabilities

WordPress Plugin Easy Author Image Information Disclosure (1.5)

WordPress Plugin Ghost Arbitrary File Download (0.5.5)

Apache Tomcat Information Disclosure CVE-2017-7674

WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.11)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6625)

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure