exploitDog

CVE-2005-2956

Опубликовано: 16 сент. 2005

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain user chat conversations via direct requests to those files.

Ссылки

http://marc.info/?l=bugtraq&m=112671176100432&w=2
http://rgod.altervista.org/atutor151.html
Exploit
Vendor Advisory
http://securityreason.com/securityalert/9
http://www.securityfocus.com/bid/14832
Exploit
http://marc.info/?l=bugtraq&m=112671176100432&w=2
http://rgod.altervista.org/atutor151.html
Exploit
Vendor Advisory
http://securityreason.com/securityalert/9
http://www.securityfocus.com/bid/14832
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:adaptive_technology_resource_centre:atutor:1.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03573

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-62mx-73c7-569h

github

почти 4 года назад

ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain user chat conversations via direct requests to those files.

EPSS

Процентиль: 87%

0.03573

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other