qdPM Sensitive Information Disclosure Vulnerability - CVE-2015-3881 - Vulnerability Database

qdPM Sensitive Information Disclosure Vulnerability - CVE-2015-3881

High

Reference: CVE-2015-3881

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-3881

Title: qdPM Sensitive Information Disclosure Vulnerability

Overview:

Information disclosure issue in qdPM 8.3 allows remote attackers to obtain sensitive information via a direct request to (1) core/config/databases.yml (2) core/log/qdPM_prod.log or (3) core/apps/qdPM/config/settings.yml.