Описание
ADP Forum 2.0 through 2.0.3 stores sensitive information in plaintext files under the web document root with insufficient access control, which allows remote attackers to obtain user credentials via requests to the forum/users directory.
Ссылки
- Vendor Advisory
- ExploitVendor AdvisoryURL Repurposed
- Vendor Advisory
- ExploitVendor AdvisoryURL Repurposed
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:adp:adp_forum:2.0:*:*:*:*:*:*:*
cpe:2.3:a:adp:adp_forum:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adp:adp_forum:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adp:adp_forum:2.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00233
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
ADP Forum 2.0 through 2.0.3 stores sensitive information in plaintext files under the web document root with insufficient access control, which allows remote attackers to obtain user credentials via requests to the forum/users directory.
EPSS
Процентиль: 46%
0.00233
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other