Описание
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "/" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "/" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
EPSS
Процентиль: 70%
0.00653
Низкий
CVE ID
Связанные уязвимости
nvd
почти 20 лет назад
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
EPSS
Процентиль: 70%
0.00653
Низкий