exploitDog

CVE-2005-2005

Опубликовано: 16 июн. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information on registered users via a direct request to db/users.dat.

Ссылки

http://marc.info/?l=bugtraq&m=111893777504821&w=2
http://secunia.com/advisories/15732
Patch
Vendor Advisory
http://marc.info/?l=bugtraq&m=111893777504821&w=2
http://secunia.com/advisories/15732
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8:*:*:*:*:*:*:*

cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.9:*:*:*:*:*:*:*

cpe:2.3:a:ultimate_php_board:ultimate_php_board:1.9.6:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00306

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8vfv-hc9g-64w9

github

почти 4 года назад

Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information on registered users via a direct request to db/users.dat.

EPSS

Процентиль: 53%

0.00306

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other