NEXTWEB (i)Site stores databases under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to databases/Users.mdb.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=111764682925083&w=2 | Third Party Advisory |
http://secunia.com/advisories/15560 | Broken Link Exploit Vendor Advisory |
http://securitytracker.com/id?1014085 | Broken Link Third Party Advisory VDB Entry |
Configurations
History
25 Jan 2024, 21:50
Type | Values Removed | Values Added |
---|---|---|
References | (SECTRACK) http://securitytracker.com/id?1014085 - Broken Link, Third Party Advisory, VDB Entry | |
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=111764682925083&w=2 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/15560 - Broken Link, Exploit, Vendor Advisory | |
CWE | CWE-552 |
Information
Published : 2005-06-01 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-1835
Mitre link : CVE-2005-1835
CVE.ORG link : CVE-2005-1835
JSON object : View
Products Affected
nextweb
- nextweb_\(i\)site
CWE
CWE-552
Files or Directories Accessible to External Parties