CVE-2004-2638

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value.

Ссылки

http://secunia.com/advisories/11473
Patch
Vendor Advisory
http://secwatch.org/advisories/1007857
Patch
Vendor Advisory
http://www.osvdb.org/5717
http://www.securityfocus.com/bid/10235
https://exchange.xforce.ibmcloud.com/vulnerabilities/16009
http://secunia.com/advisories/11473
Patch
Vendor Advisory
http://secwatch.org/advisories/1007857
Patch
Vendor Advisory
http://www.osvdb.org/5717
http://www.securityfocus.com/bid/10235
https://exchange.xforce.ibmcloud.com/vulnerabilities/16009

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oscommerce:oscommerce:1.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01427

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9h2x-7449-7c5m

github

почти 4 года назад