|
|
|
|
|
|
by DrJokepu
6111 days ago
|
|
|
Of course, but the "vulnerability" in this article was about the source code in the repository tree, not the deployed one. Also, I believe that database credentials should be stored in external configuration files (which, of course, shouldn't be browsable) so if they do an update, they don't have to add the credentials again. About leaking the source: Yes, that could definitely be a problem, I agree, but I'm not sure if this can be considered as a vulnerability, more like carelessness on the part of the admin of the site. |
|
|