Описание
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:joe_depasquale:bannermatic:1.0:*:*:*:*:*:*:*
cpe:2.3:a:joe_depasquale:bannermatic:2.0:*:*:*:*:*:*:*
cpe:2.3:a:joe_depasquale:bannermatic:3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00291
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files.
EPSS
Процентиль: 52%
0.00291
Низкий
5 Medium
CVSS2
Дефекты
CWE-200