Bleeping Computer: Anchor CMS Sites May Be Spewing Their Database Passwords

Bleeping Computer: Anchor CMS Sites May Be Spewing Their Database Passwords. “Websites built using the Anchor CMS may be accidentally exposing their database passwords in publicly-facing error logs, Dutch security researcher Tijme Gommers has discovered. Gommers says that an attacker can navigate to the following URL and download a copy of the site’s errors log, where in some cases, he may find the site’s database password exposed in cleartext.”