CVE-2006-0370

Опубликовано: 22 янв. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes.

Ссылки

http://evuln.com/vulns/42/summary.html
Exploit
Vendor Advisory
http://secunia.com/advisories/18547
Vendor Advisory
http://securitytracker.com/id?1015523
http://www.fluffington.com/index.php?page=rcblog
URL Repurposed
http://www.osvdb.org/22679
http://www.securityfocus.com/archive/1/422499/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/24249
http://evuln.com/vulns/42/summary.html
Exploit
Vendor Advisory
http://secunia.com/advisories/18547
Vendor Advisory
http://securitytracker.com/id?1015523
http://www.fluffington.com/index.php?page=rcblog
URL Repurposed
http://www.osvdb.org/22679
http://www.securityfocus.com/archive/1/422499/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/24249

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:noah_medling:rcblog:1.03:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00675

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-54pc-xx3g-g9cx

github

почти 4 года назад