CVE-2003-1541

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt.

Ссылки

http://secunia.com/advisories/8392
http://securityreason.com/securityalert/3653
http://www.securityfocus.com/archive/1/315895/30/25400/threaded
http://www.securityfocus.com/bid/7167
http://www.securitytracker.com/id?1006360
https://exchange.xforce.ibmcloud.com/vulnerabilities/11609
http://secunia.com/advisories/8392
http://securityreason.com/securityalert/3653
http://www.securityfocus.com/archive/1/315895/30/25400/threaded
http://www.securityfocus.com/bid/7167
http://www.securitytracker.com/id?1006360
https://exchange.xforce.ibmcloud.com/vulnerabilities/11609

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:planetmoon:guestbook:tr3.a.1:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.0461

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-c26f-86m7-5qpw

github

больше 3 лет назад