Mauritius Tourism Promotion Authority (MTPA) Official Website Vulnerable

Ish Sookun, Mauritian Linux enthusiast and blogger who discovered vulnerability on the MNIC website recently is back with another ‘data leaking’ discovery. The vulnerabilities this time is on the official website of Mauritius Tourism Promotion Authority (MTPA).
According to Mr Sookun, 269,146 email addresses are publicly available. This is because the directories where the files are kept on the server allow public access. As he stated in his blog post, this database would be a gold mine for spammers.
Not satisfied with this, he decided to do some further search by visiting other directories.He was once again shocked when he came across two  administrator’s unencrypted credentials, that is, usernames and plain text passwords. One was for the blog MySQL database and the other for the newsletter application.  Mr Sookun reported this issue to CERT-MU and at the time of publishing, he stated he hasn’t received any reply from them.

Source: [Click Here!]