CVE-2006-1764

Опубликовано: 13 апр. 2006

Источник: nvd

CVSS2: 7.8

EPSS Низкий

Описание

Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hosting_controller:hosting_controller:*:*:*:*:*:*:*:*

Версия до 6.1_hotfix_2.9 (включая)

cpe:2.3:a:hosting_controller:hosting_controller:1.1:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:1.3:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:1.4:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:1.4b:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.4:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.7:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_1.9:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.0:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.1:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.3:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:6.1_hotfix_2.8:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:2002:*:*:*:*:*:*:*

cpe:2.3:a:hosting_controller:hosting_controller:2002_rc_1:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00372

Низкий

7.8 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2qc9-hx55-p47v

github

почти 4 года назад