CVE-2006-0756

Опубликовано: 18 фев. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration information. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignores the installation instructions as well as warnings generated by check.php

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dotproject:dotproject:2.0:*:*:*:*:*:*:*

cpe:2.3:a:dotproject:dotproject:2.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01021

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4ch8-97hr-6php

github

почти 4 года назад

** DISPUTED ** dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration information. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignores the installation instructions as well as warnings generated by check.php.