Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2002-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2002-2342
Mitre link : CVE-2002-2342
CVE.ORG link : CVE-2002-2342
JSON object : View
Products Affected
joe_depasquale
- bannermatic
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor