exploitDog

CVE-2004-1217

Опубликовано: 10 янв. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp.

Ссылки

http://marc.info/?l=bugtraq&m=110237762807764&w=2
http://www.securityfocus.com/bid/11822
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18363
http://marc.info/?l=bugtraq&m=110237762807764&w=2
http://www.securityfocus.com/bid/11822
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18363

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00568

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2jr6-wr98-5h84

github

больше 3 лет назад

Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp.

EPSS

Процентиль: 68%

0.00568

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other