Discovery of this issue is credited to Tamer Sahin <firstname.lastname@example.org>.
MDG Computer Services Web Server 4D 3.6
MDG Web Server 4D is reported to store various types of credentials for optional modules in plaintext on the local filesystem. Local attackers who can read the file containing the credentials may then use the credentials to gain access to other types of sensitive information or perform unauthorized actions.
This issue has been reported in Web Server 4D 3.6. Other versions may also be affected.
There is no exploit code required.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: email@example.com <mailto:firstname.lastname@example.org>.