CVE-2004-2060
published 2004-12-31CVE-2004-2060: ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the…
PriorityP432medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
7.94%
94.0th percentile
ASPRunner 2.4 stores the database under the web root in the db directory, which may allow remote attackers to obtain the database via a direct request to the database filename, which is predictable based on table and field names.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xlinesoft | asprunner | — | — |
| xlinesoft | asprunner | — | — |
| xlinesoft | asprunner | — | — |
| xlinesoft | asprunner | — | — |
| xlinesoft | asprunner | — | — |
| xlinesoft | asprunner | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.htmlhttp://ferruh.mavituna.com/article/?574http://marc.info/?l=bugtraq&m=109086977330418&w=2http://secunia.com/advisories/12164http://securitytracker.com/id?1010777http://www.osvdb.org/8253http://www.securityfocus.com/bid/10799https://exchange.xforce.ibmcloud.com/vulnerabilities/16802http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0011.htmlhttp://ferruh.mavituna.com/article/?574http://marc.info/?l=bugtraq&m=109086977330418&w=2http://secunia.com/advisories/12164http://securitytracker.com/id?1010777http://www.osvdb.org/8253http://www.securityfocus.com/bid/10799https://exchange.xforce.ibmcloud.com/vulnerabilities/16802
2004-12-31
Published