VULHUB ™

A problem with TheServer may make it possible for remote attackers to gain access to sensitive information. TheServer does not cryptographically protect stored passwords. Passwords contained in the configuration file are stored in plain text. They may be read by simply viewing the file. The file (server.ini) is stored in a web accessible location and is, itself, accessible for retrieval by remote attackers using a web browser.

A problem with TheServer may make it possible for remote attackers to gain access to sensitive information. TheServer does not cryptographically protect stored passwords. Passwords contained in the configuration file are stored in plain text. They may be read by simply viewing the file. The file (server.ini) is stored in a web accessible location and is, itself, accessible for retrieval by remote attackers using a web browser.