Описание
TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the admin password file and obtain password hashes via a direct request to admin/passwd.
TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the admin password file and obtain password hashes via a direct request to admin/passwd.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1412
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25465
- https://www.exploit-db.com/exploits/1611
- http://secunia.com/advisories/19411
- http://www.securityfocus.com/archive/1/453471/100/0/threaded
- http://www.securityfocus.com/archive/1/453485/100/0/threaded
- http://www.securityfocus.com/bid/17250
- http://www.vupen.com/english/advisories/2006/1115
EPSS
Процентиль: 94%
0.12875
Средний
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the admin password file and obtain password hashes via a direct request to admin/passwd.
EPSS
Процентиль: 94%
0.12875
Средний