exploitDog

CVE-2004-1788

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb.

Ссылки

http://www.securityfocus.com/bid/9355
Exploit
http://www.securityfocus.com/bid/9355
Exploit

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:asp-nuke:asp-nuke:1.0:*:*:*:*:*:*:*

cpe:2.3:a:asp-nuke:asp-nuke:1.2:*:*:*:*:*:*:*

cpe:2.3:a:asp-nuke:asp-nuke:1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.05035

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5qv2-fhvc-7vj5

github

больше 3 лет назад

ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb.

EPSS

Процентиль: 89%

0.05035

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other