Weberp · Weberp · CVE-2003-1383
**Name of the Vulnerable Software and Affected Versions**
WEB-ERP versions 0.1.4 and earlier
**Description**
The issue allows remote attackers to obtain sensitive information via an HTTP request for the `logicworks.ini` file, which contains the MySQL database `username` and `password`.
**Recommendations**
For versions 0.1.4 and earlier, restrict access to the `logicworks.ini` file to prevent unauthorized disclosure of database credentials.