CVE-2007-6512

Description

PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.

Affected products

• php / mysql_banner_exchange2.2.1 – 2.2.1

References

• MISChttp://securityreason.com/securityalert/3478
• MISChttp://www.securityfocus.com/archive/1/485178/100/0/threaded
• MISChttp://www.securityfocus.com/archive/1/485098/100/0/threaded
• MISChttp://www.securityfocus.com/archive/1/485266/100/0/threaded
• MISChttp://osvdb.org/40232