CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-2956

ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain user chat conversations via direct requests to those files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.036

EPSS Ranking 87.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=112671176100432&w=2
http://rgod.altervista.org/atutor151.html
http://securityreason.com/securityalert/9
http://www.securityfocus.com/bid/14832
http://marc.info/?l=bugtraq&m=112671176100432&w=2
http://rgod.altervista.org/atutor151.html
http://securityreason.com/securityalert/9
http://www.securityfocus.com/bid/14832

Products affected by CVE-2005-2956

Adaptive Technology Resource Centre » Atutor » Version: 1.5.1

cpe:2.3:a:adaptive_technology_resource_centre:atutor:1.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-2956

Products

Pricing

Contact Us