4
CVE-2008-5678
- EPSS 2.02%
- Veröffentlicht 19.12.2008 01:52:58
- Zuletzt bearbeitet 16.06.2026 23:00:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginFretwell-Downing Informatics (FDI) OLIB7 WebView 2.5.1.1 allows remote authenticated users to obtain sensitive information from files via the infile parameter to the default URI under cgi/, as demonstrated by the (1) get_settings.ini, (2) setup.ini, and (3) text.ini files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fdgroup ≫ Olib7 Webview Version2.5.1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.02% | 0.785 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://www.exploit-db.com/exploits/6653
http://securityreason.com/securityalert/4790
http://www.securityfocus.com/bid/31544
https://exchange.xforce.ibmcloud.com/vulnerabilities/45638