PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.Referenceshttp://securityreason.com/securityalert/3478http://www.securityfocus.com/archive/1/485178/100/0/threadedhttp://www.securityfocus.com/archive/1/485098/100/0/threadedhttp://www.securityfocus.com/archive/1/485266/100/0/threadedhttp://osvdb.org/40232
