CVE-2004-2616

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message.

Ссылки

http://aluigi.altervista.org/adv/actp-adv.txt
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0852.html
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&amp%3Bm=109597139011373&amp%3Bw=2
http://securitytracker.com/id?1011406
Exploit
Vendor Advisory
http://www.osvdb.org/10235
http://aluigi.altervista.org/adv/actp-adv.txt
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0852.html
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&amp%3Bm=109597139011373&amp%3Bw=2
http://securitytracker.com/id?1011406
Exploit
Vendor Advisory
http://www.osvdb.org/10235

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:onnuri_infotek:activepost_standard:*:*:*:*:*:*:*:*

Версия до 3.1 (включая)

cpe:2.3:a:onnuri_infotek:activepost_standard:2.5:*:*:*:*:*:*:*

cpe:2.3:a:onnuri_infotek:activepost_standard:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00416

Низкий

4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3p24-gwpr-5f2q

github

почти 4 года назад