CVE-2006-0843

Опубликовано: 22 фев. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password.

Ссылки

http://secunia.com/advisories/18923
Vendor Advisory
http://securityreason.com/securityalert/522
http://www.evuln.com/vulns/82/summary.html
Vendor Advisory
http://www.securityfocus.com/bid/16712
https://exchange.xforce.ibmcloud.com/vulnerabilities/24752
http://secunia.com/advisories/18923
Vendor Advisory
http://securityreason.com/securityalert/522
http://www.evuln.com/vulns/82/summary.html
Vendor Advisory
http://www.securityfocus.com/bid/16712
https://exchange.xforce.ibmcloud.com/vulnerabilities/24752

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:leif_m._wright:web_blog:3.5:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00547

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p87g-jvpm-qw44

github

почти 4 года назад