exploitDog

CVE-2005-1136

Опубликовано: 14 апр. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files.

Ссылки

http://echo.or.id/adv/adv12-y3dips-2005.txt
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=111359320312609&w=2
http://www.waraxe.us/ftopict-651.html
Exploit
Vendor Advisory
http://echo.or.id/adv/adv12-y3dips-2005.txt
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=111359320312609&w=2
http://www.waraxe.us/ftopict-651.html
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sphpblog:sphpblog:0.4_.0:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00443

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p35h-cp5r-m46j

github

почти 4 года назад

Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files.

EPSS

Процентиль: 63%

0.00443

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other