PT-2019-12423 · Doorgets · Doorgets

Published: 2019-04-30 · Updated: 2020-08-24 · CVE-2019-11616

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

doorGets version 7.0

Description

The issue allows a remote unauthenticated attacker to obtain sensitive information. Specifically, the vulnerability is present in the /setup/temp/admin.php and /setup/temp/database.php API endpoints, which could be exploited to obtain the administrator password.

Recommendations

For doorGets version 7.0, consider restricting access to the /setup/temp/admin.php and /setup/temp/database.php API endpoints to prevent exploitation until a fix is available. Additionally, changing the administrator password and monitoring for any suspicious activity are recommended.
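
One way to act on the monitoring recommendation, as an added example that is not part of the original advisory: scan web server access logs for requests to the two setup paths and flag any that were answered with a 2xx status. It assumes Apache/nginx combined log format; the function names, the sample log lines and the /cms install prefix are constructed for illustration.

```python
import re
from urllib.parse import unquote

# The two paths named in the advisory.
SENSITIVE_PATHS = ("/setup/temp/admin.php", "/setup/temp/database.php")

# Combined log format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def normalize(target):
    """Drop the query string, percent-decode, collapse repeated slashes."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/+", "/", path)

def find_setup_hits(lines):
    """Return one record per request that reached either setup path."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line
        path = normalize(m["target"])
        # endswith() also covers installs under a subdirectory (assumption).
        if path.endswith(SENSITIVE_PATHS):
            status = int(m["status"])
            hits.append({
                "ip": m["ip"], "time": m["time"], "path": path, "status": status,
                # 2xx: the file was served, so treat the admin password as exposed.
                "exposed": 200 <= status < 300,
            })
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Apr/2019:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "-"',
    '198.51.100.7 - - [30/Apr/2019:10:02:13 +0000] "GET /setup/temp/admin.php HTTP/1.1" 200 312 "-" "-"',
    '198.51.100.7 - - [30/Apr/2019:10:02:14 +0000] "GET /cms//setup/temp/database%2Ephp?x=1 HTTP/1.1" 403 199 "-" "-"',
]

if __name__ == "__main__":
    for hit in find_setup_hits(SAMPLE_LOG):
        print(hit)
```

A hit with `exposed` set means the endpoint answered successfully, which is the case where the password change in the recommendation should be treated as required rather than precautionary.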

Exploit

Fix

Related identifiers

CVE-2019-11616

Affected products

Doorgets