Lucene search

[email protected]NVD:CVE-2005-2887

HistorySep 14, 2005 - 8:03 p.m.

CVE-2005-2887

2005-09-1420:03:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.007

Percentile

80.1%

JSON

MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php, (2) AutoTheme directory, (3) Blocks directory, (4) admin.php, (5) pnadmin.php, or (6) Topics directory, which reveal the path in an error message.

Affected configurations

Nvd

Node

maxdevmd-proMatch1.0.73

VendorProductVersionCPE
maxdevmd-pro1.0.73cpe:2.3:a:maxdev:md-pro:1.0.73:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
maxdev	md-pro	1.0.73	cpe:2.3:a:maxdev:md-pro:1.0.73:::::::*

References

marc.info/?l=bugtraq&m=112603835317458&w=2

rgod.altervista.org/maxdev1073.html

secunia.com/advisories/16731/

exchange.xforce.ibmcloud.com/vulnerabilities/22201

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.007

Percentile

80.1%

JSON

Related for NVD:CVE-2005-2887

cvelist1 cve1