Description

One or more database connection strings were found. The connection strings may include attributes such as the name of the driver, server and database, as well as security information such as user name and password.

Remediation

Restrict access to these file(s) or restrict the disclosure of this connection string .

References

Database Connection String Detected | Invicti

Related Vulnerabilities

WordPress Plugin Slideshow Information Disclosure (2.2.21)

WordPress Plugin WooCommerce Information Disclosure (4.5.2)

Typo3 Admin publicly accessible

WordPress Plugin Shopping Cart & eCommerce Store Information Disclosure (2.0.5)

WordPress Plugin Google Drive for WordPress Information Disclosure (2.2)

Severity

Medium

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure