|
|
Efone Config.INC Information Disclosure Vulnerability
Efone is prone to an information-disclosure vulnerability. This issue occurs because access controls on configuration files are not properly set. An attacker can exploit this issue to retrieve potentially sensitive information. This may aid in further attacks. It should be noted that this vulnerability exists only when the '.inc' file extension is not declared as a PHP suffix. |
|
Privacy Statement |