Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing unspecified connection errors, which reveals the database password in the resulting error message.
References
Configurations
History
No history.
Information
Published : 2007-10-01 20:17
Updated : 2024-02-28 11:01
NVD link : CVE-2007-5172
Mitre link : CVE-2007-5172
CVE.ORG link : CVE-2007-5172
JSON object : View
Products Affected
quicksilver_forums
- quicksilver_forums
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor