CVE-2005-1136

Sažetak

Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files.

Reference

http://echo.or.id/adv/adv12-y3dips-2005.txt
http://marc.info/?l=bugtraq&m=111359320312609&w=2
http://www.waraxe.us/ftopict-651.html

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

18-10-2016 - 03:17

Objavljeno

14-04-2005 - 04:00