exploitDog

CVE-2008-6382

Опубликовано: 02 мар. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.

Ссылки

http://osvdb.org/50372
Exploit
http://secunia.com/advisories/32889
Vendor Advisory
https://www.exploit-db.com/exploits/7316
http://osvdb.org/50372
Exploit
http://secunia.com/advisories/32889
Vendor Advisory
https://www.exploit-db.com/exploits/7316

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aspportal:aspportal:3.2.5:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05231

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-wj68-rrf7-99f9

github

больше 3 лет назад

ASP Portal 3.2.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to ASPPortal.mdb.

EPSS

Процентиль: 90%

0.05231

Низкий

5 Medium

CVSS2

Дефекты

CWE-264