CVE-2014-3781

Опубликовано: 11 июн. 2014

Источник: debian

EPSS Низкий

Описание

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclear before 2.6.3 allows remote attackers to bypass authentication via an empty password in an XML-RPC request.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dotclear	fixed	2.6.3+dfsg-1		package

EPSS

Процентиль: 63%

0.00447

Низкий

Связанные уязвимости

CVE-2014-3781

ubuntu

больше 11 лет назад

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclear before 2.6.3 allows remote attackers to bypass authentication via an empty password in an XML-RPC request.

CVE-2014-3781

nvd

больше 11 лет назад

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclear before 2.6.3 allows remote attackers to bypass authentication via an empty password in an XML-RPC request.

GHSA-67p5-4gjp-j4vw

github

больше 3 лет назад

The dcXmlRpc::setUser method in nc/core/class.dc.xmlrpc.php in Dotclear before 2.6.3 allows remote attackers to bypass authentication via an empty password in an XML-RPC request.

EPSS

Процентиль: 63%

0.00447

Низкий