Lucene search
HistoryFeb 13, 2008 - 11:00 p.m.
CVE-2003-1541
planetmoon
guestbook
tr3.a
sensitive information
web root
access control
remote attackers
admin script password
cve-2003-1541
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.017 Low
EPSS
Percentile
87.8%
PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt.
Affected configurations
Node
planetmoonguestbookMatchtr3.a.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| planetmoon:guestbook | planetmoon guestbook | eq | tr3.a.1 |
Related
nessus
nessus
Guestbook tr3.a Password Disclosure
2003-03-22 00:00:00
nvd
nvd
CVE-2003-1541
2003-12-31 05:00:00
cvelist
cvelist
CVE-2003-1541
2008-02-13 23:00:00
6.2 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.017 Low
EPSS
Percentile
87.8%
Related for CVE-2003-1541