Vulnerability: Anchor CMS 0.12.3 - Error Log Exposure

Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as “Too many connections”) has occurred.

Impact

An attacker can gain access to sensitive information, such as usernames, passwords, and system configuration details.

Severity

critical

Verified

Unknown