5
CVE-2005-2956
- EPSS 2.87%
- Veröffentlicht 16.09.2005 22:03:00
- Zuletzt bearbeitet 16.06.2026 22:15:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain user chat conversations via direct requests to those files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adaptive Technology Resource Centre ≫ Atutor Version1.5.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.87% | 0.85 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://marc.info/?l=bugtraq&m=112671176100432&w=2
http://rgod.altervista.org/atutor151.html
http://securityreason.com/securityalert/9
http://www.securityfocus.com/bid/14832