exploitDog

CVE-2019-19018

Опубликовано: 02 дек. 2019

Источник: nvd

CVSS3: 2.7

CVSS2: 4

EPSS Низкий

Описание

An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web application is using.

Ссылки

https://write-up.github.io/webtitan/
Exploit
Third Party Advisory
https://www.webtitan.com/resources/product-updates/
Release Notes
Vendor Advisory
https://write-up.github.io/webtitan/
Exploit
Third Party Advisory
https://www.webtitan.com/resources/product-updates/
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:titanhq:webtitan:*:*:*:*:*:*:*:*

Версия до 5.18 (исключая)

EPSS

Процентиль: 57%

0.00356

Низкий

2.7 Low

CVSS3

4 Medium

CVSS2

Дефекты

CWE-552

Связанные уязвимости

GHSA-32f2-v4v8-76vw

github

больше 3 лет назад

An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web application is using.

EPSS

Процентиль: 57%

0.00356

Низкий

2.7 Low

CVSS3

4 Medium

CVSS2

Дефекты

CWE-552