Lucene search

[email protected]NVD:CVE-2007-1300

HistoryMar 07, 2007 - 12:19 a.m.

CVE-2007-1300

2007-03-0700:19:00

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

78.5%

JSON

DOURAN Software Technologies ISPUtil 3.32.84.1, and possibly earlier versions, stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user and reseller data via a direct request for scripts/activesessions.ini. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

douran_software_technologiesisputilMatch3.32.84.1

VendorProductVersionCPE
douran_software_technologiesisputil3.32.84.1cpe:2.3:a:douran_software_technologies:isputil:3.32.84.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
douran_software_technologies	isputil	3.32.84.1	cpe:2.3:a:douran_software_technologies:isputil:3.32.84.1:::::::*

References

osvdb.org/33845

secunia.com/advisories/24304

exchange.xforce.ibmcloud.com/vulnerabilities/32800

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

78.5%

JSON

Related for NVD:CVE-2007-1300

cve1 cvelist1 prion1 securityvulns1