CVE-2000-0904
Published 2000-12-19
Priority: P4 (17); severity: medium; CVSS 2.0 score: 5
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 2.69% (84.0th percentile)
Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qnx | voyager | — | — |
No detection rules found.
Exploit-DB
LightRO CMS 1.0 - 'index.php?projectid' SQL Injection
exploitdb·2007-02-08
CVE-2007-0904 LightRO CMS 1.0 - 'index.php?projectid' SQL Injection
---
exploit2.asp
'[Update: + Get Header
'[Update: + Get Whois Info
'===============================================================================================
%>
function functionControl1(){
setTimeout("functionControl2()",2000);
}
function functionControl2(){
if(document.form1.field1.value==""){
alert("[Exploit Failed]=>The Username and Password Didnt Take,Try Again");
}
}
function writetext() {
if(document.form1.field1.value==""){
document.getElementById('htmlAlani').innerHTML='There is a problem... The Data Didn\'t Take '
}
}
function write(){
setTimeout("writetext()",1000);
}
TARGET:Example:[http://x.com/path]
USER ID:Example:[User
ID=1]
There is a problem! Please complete to the whole spaces"
End If
If
Exploit-DB
QSSL Voyager 2.0 1B - '.photon' Directory Information Disclosure
exploitdb·2000-09-01
CVE-2000-0904 QSSL Voyager 2.0 1B - '.photon' Directory Information Disclosure
---
source: https://www.securityfocus.com/bid/1648/info
The web server supplied with the QNX Voyager demo disk contains several vulnerabilities.
First, Voyager will follow relative paths passed to it in requests. This includes ../ style paths, which will allow Voyager to serve pages outside of the "document root".
Another vulnerability is that the web server does not have sufficient security restrictions - this means that the web server can access any file, including protected files and special /dev entries.
As well, due to the integration of the web browser and web server, information used by the Photon GUI is easily exposed by requesting files under /.photon/. Additionally, html files generated by the web browser (erro
No writeups or analysis indexed.
Published: 2000-12-19