Looks like your page http://mwomercs.com/status creates security breach!
Few days ago it contained important site security information: database ip, db-name, username and PASSWORD!
Here it is:
MySQL Error Msgs: Access denied for user 'omicron_web'@'MWO-LIVE-WEB001' (using password: YES)
array(6) {
[0]=>
array(7) {
["file"]=>
string(63) "/var/www/vhosts/mwomercs.com/httpdocs/sys/classes/sql.class.php"
["line"]=>
int(26)
["function"]=>
string(16) "REPORT_SQL_ERROR"
["class"]=>
string(3) "SQL"
["object"]=>
object(SQL)#2 (6) {
["CONNECTION":"SQL":private]=>
bool(false)
["URL":"SQL":private]=>
string(13) "p:10.65.81.11"
["USER":"SQL":private]=>
string(11) "omicron_web"
["PASS":"SQL":private]=>
string(30) "devpass74turtle......................."
["DB":"SQL":private]=>
string(11) "omicron_web"
["DROP_VALUES":"SQL":private]=>
array(1) {
[0]=>
string(0) ""
}
}
I hope you fixed it already
1
2 replies to this topic
#1
Posted 02 September 2014 - 03:31 AM
#2
Posted 02 September 2014 - 05:43 AM
yeah its alos a bit strange we have to import the security certificate, but yet who would knwo if that certificate is right or just fake?
#3
Posted 02 September 2014 - 08:20 AM
The https on the login is not verified on my mobile. My PC treats it fine but my phone doesn't like it. Maybe that has ties to this incident?
Edited by DavidHurricane, 02 September 2014 - 08:20 AM.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users