exploitDog

CVE-2004-2608

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the "news database") under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the unencrypted username and password of the administrator's account.

Ссылки

http://secunia.com/advisories/12401
Vendor Advisory
http://securitytracker.com/id?1011084
Exploit
http://www.osvdb.org/9363
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/17146
http://secunia.com/advisories/12401
Vendor Advisory
http://securitytracker.com/id?1011084
Exploit
http://www.osvdb.org/9363
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/17146

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:smartwebby:smart_guest_book:2:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00421

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-jcr8-6hcp-xjf9

github

почти 4 года назад

SmartWebby Smart Guest Book stores SmartGuestBook.mdb (aka the "news database") under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the unencrypted username and password of the administrator's account.

EPSS

Процентиль: 62%

0.00421

Низкий

5 Medium

CVSS2

Дефекты

CWE-264