CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2342

Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.1%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=vuln-dev&m=102121925428844&w=2
http://www.ifrance.com/kitetoua/tuto/5holes5.txt
http://www.securityfocus.com/bid/4738
http://marc.info/?l=vuln-dev&m=102121925428844&w=2
http://www.ifrance.com/kitetoua/tuto/5holes5.txt
http://www.securityfocus.com/bid/4738

Products affected by CVE-2002-2342

Joe Depasquale » Bannermatic » Version: 1.0

cpe:2.3:a:joe_depasquale:bannermatic:1.0
Joe Depasquale » Bannermatic » Version: 2.0

cpe:2.3:a:joe_depasquale:bannermatic:2.0
Joe Depasquale » Bannermatic » Version: 3.0

cpe:2.3:a:joe_depasquale:bannermatic:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2342

Products

Pricing

Contact Us