Описание
PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:php-survey:php-survey:2000-04-20:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-04-21:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-06-14:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-06-14b:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-06-15:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:prebeta2000-03-27:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00808
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.
EPSS
Процентиль: 74%
0.00808
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other