exploitDog

CVE-2004-1565

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/027040.html
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=109655691512298&w=2
http://secunia.com/advisories/12695
Patch
Vendor Advisory
http://securitytracker.com/id?1011463
http://www.securityfocus.com/bid/11283
http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/027040.html
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=109655691512298&w=2
http://secunia.com/advisories/12695
Patch
Vendor Advisory
http://securitytracker.com/id?1011463
http://www.securityfocus.com/bid/11283

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:w-agora:w-agora:4.1.6a:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00927

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2m7r-8x5f-v32g

github

почти 4 года назад

list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter.

EPSS

Процентиль: 76%

0.00927

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other