CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0583

WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 77.9%

CVSS Severity

CVSS v2 Score 5.0

References

http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html
http://www.iss.net/security_center/static/8905.php
http://www.securityfocus.com/bid/4554
http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html
http://www.iss.net/security_center/static/8905.php
http://www.securityfocus.com/bid/4554

Products affected by CVE-2002-0583

Workforceroi » Xpede » Version: 4.1

cpe:2.3:a:workforceroi:xpede:4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0583

Products

Pricing

Contact Us