Описание
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "SQLUSER" string.
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "SQLUSER" string.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-0374
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15670
- http://ftp.icdevgroup.org/interchange/5.0/WHATSNEW
- http://secunia.com/advisories/11234
- http://www.debian.org/security/2004/dsa-471
- http://www.icdevgroup.org/pipermail/interchange-announce/2004/000043.html
- http://www.securityfocus.com/bid/10005
EPSS
Процентиль: 90%
0.06025
Низкий
CVE ID
Связанные уязвимости
nvd
больше 21 года назад
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string.
debian
больше 21 года назад
Interchange before 5.0.1 allows remote attackers to "expose the conten ...
EPSS
Процентиль: 90%
0.06025
Низкий