exploitDog

CVE-2007-5129

Опубликовано: 27 сент. 2007

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain sensitive configuration information via a direct request for admin/cfginfo.php; and (2) download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:boesch-it:simpgb:1.46.02:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00792

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-wrm6-9pmw-hhvh

github

почти 4 года назад

SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain sensitive configuration information via a direct request for admin/cfginfo.php; and (2) download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc.

EPSS

Процентиль: 73%

0.00792

Низкий

5 Medium

CVSS2

Дефекты

CWE-200