CVE-2004-2563

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.

Ссылки

http://secunia.com/advisories/12122
Vendor Advisory
http://www.osvdb.org/8182
Exploit
http://www.osvdb.org/8183
Exploit
http://www.osvdb.org/8185
Exploit
http://www.securiteam.com/windowsntfocus/5SP0O0ADGG.html
Exploit
http://www.securityfocus.com/bid/10770
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16771
https://exchange.xforce.ibmcloud.com/vulnerabilities/16777
http://secunia.com/advisories/12122
Vendor Advisory
http://www.osvdb.org/8182
Exploit
http://www.osvdb.org/8183
Exploit
http://www.osvdb.org/8185
Exploit
http://www.securiteam.com/windowsntfocus/5SP0O0ADGG.html
Exploit
http://www.securityfocus.com/bid/10770
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/16771
https://exchange.xforce.ibmcloud.com/vulnerabilities/16777

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:serena_software:serena_teamtrack:6.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01068

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9wwc-xv4f-3h57

github

почти 4 года назад