Описание
Uploadscript 1.2 and earlier stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain the admin password hash via a direct request for /password.txt.
Uploadscript 1.2 and earlier stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain the admin password hash via a direct request for /password.txt.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-6377
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30747
- http://secunia.com/advisories/23264
- http://securityreason.com/securityalert/2003
- http://www.securityfocus.com/archive/1/453644/100/0/threaded
- http://www.securityfocus.com/archive/1/457696/100/0/threaded
- http://www.vupen.com/english/advisories/2006/4893
EPSS
Процентиль: 92%
0.08387
Низкий
CVE ID
Связанные уязвимости
nvd
около 19 лет назад
Uploadscript 1.2 and earlier stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain the admin password hash via a direct request for /password.txt.
EPSS
Процентиль: 92%
0.08387
Низкий