exploitDog

CVE-2018-12908

Опубликовано: 27 июн. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Средний

Описание

Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.

Ссылки

https://cxsecurity.com/issue/WLB-2018060325
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/44977/
Exploit
Third Party Advisory
VDB Entry
https://cxsecurity.com/issue/WLB-2018060325
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/44977/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:brynamics:brynamics:-:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.19886

Средний

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-xprm-wp2v-g9g4

CVSS3: 9.8

github

больше 3 лет назад

Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.

EPSS

Процентиль: 95%

0.19886

Средний

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200