CVE-2006-3965

Name of the Vulnerable Software and Affected Versions Banex PHP MySQL Banner Exchange version 2.21

Description The issue allows remote attackers to obtain sensitive information, such as database usernames and passwords, due to insufficient access control of the lib.inc file stored under the web document root.

Recommendations For Banex PHP MySQL Banner Exchange version 2.21, consider restricting access to the lib.inc file to prevent remote attackers from obtaining sensitive information. As a temporary workaround, move the lib.inc file outside of the web document root or apply appropriate access controls to limit exposure.