Описание
ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.
ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2060
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16802
- http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.html
- http://ferruh.mavituna.com/article/?574
- http://marc.info/?l=bugtraq&m=109086977330418&w=2
- http://secunia.com/advisories/12164
- http://securitytracker.com/id?1010777
- http://www.osvdb.org/8253
- http://www.securityfocus.com/bid/10799
EPSS
Процентиль: 93%
0.09187
Низкий
CVE ID
Связанные уязвимости
nvd
около 21 года назад
ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.
EPSS
Процентиль: 93%
0.09187
Низкий