SQL Command Disclosure
Impact: Informational
Description
SQL commands reveal information about the structure of the underlying database. This information does not create any direct impact on the target, though it provides valuable information attackers can use in their attack.
Recommendation
If it’s not displayed intentionally, fix the reason causing the disclosure and make sure the SQL comand is not revealed due to errors and misconfigurations.
References
👉 You might also like:
Email Address Disclosure - Vulnerability
Path Disclosure in Robots.txt - Vulnerability
PHP Version Disclosure - Vulnerability
Private IPv4 Address Disclosure - Vulnerability
Last updated on February 15, 2021