CVE-2012-5916

Name of the Vulnerable Software and Affected Versions Neocrome Seditio build 161

Description The issue allows remote attackers to obtain sensitive information by making a direct request to specific SQL files, including (1) docs/new/seditio-createnew-160.sql, (2) docs/upgrade/sedito convert to utf8.optional.sql, or (3) system/install/install.parser.sql.

Recommendations For Neocrome Seditio build 161, consider restricting access to the mentioned SQL files to prevent unauthorized disclosure of sensitive information. As a temporary workaround, restrict access to the docs/new/, docs/upgrade/, and system/install/ directories until a patch is available.