exploitDog

CVE-2009-0767

Опубликовано: 06 мар. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data.

Ссылки

http://secunia.com/advisories/33832
Vendor Advisory
https://www.exploit-db.com/exploits/7993
http://secunia.com/advisories/33832
Vendor Advisory
https://www.exploit-db.com/exploits/7993

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bookelves:kipper:2.01:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04615

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-vx9q-r464-6v8x

github

почти 4 года назад

Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing credentials via a direct request for job/config.data.

EPSS

Процентиль: 89%

0.04615

Низкий

5 Medium

CVSS2

Дефекты

CWE-264