Описание
JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for jag/database.sql.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:xs4all:jag:1.14:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01612
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request for jag/database.sql.
EPSS
Процентиль: 81%
0.01612
Низкий
5 Medium
CVSS2
Дефекты
CWE-264