Lucene search

K
cve[email protected]CVE-2007-0518
HistoryJan 26, 2007 - 1:28 a.m.

CVE-2007-0518

2007-01-2601:28:00
web.nvd.nist.gov
18
smart php subscriber
vulnerability
remote attackers
encoded passwords
access control

6.3 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

92.0%

Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain encoded passwords via a direct request for pwd.txt.

Affected configurations

NVD
Node
scriptsezsmart_php_subscriber

6.3 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

92.0%

Related for CVE-2007-0518