Working Resources Inc. >> BadBlue: Security Vulnerabilities
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords.
CVSS Score: 5.0 | EPSS Score: 0.005 | Published: 2002-12-31
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
CVSS Score: 5.0 | EPSS Score: 0.034 | Published: 2002-10-04
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.
CVSS Score: 7.5 | EPSS Score: 0.009 | Published: 2002-10-04
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.
CVSS Score: 5.0 | EPSS Score: 0.049 | Published: 2002-10-04
BadBlue 1.7.0 allows remote attackers to list the contents of directories via a URL with an encoded '%' character at the end.
CVSS Score: 5.0 | EPSS Score: 0.012 | Published: 2002-08-12
Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the URL.
CVSS Score: 5.0 | EPSS Score: 0.067 | Published: 2002-06-25
Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains JavaScript.
CVSS Score: 7.5 | EPSS Score: 0.007 | Published: 2002-06-25
BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (null byte) to the request.
CVSS Score: 5.0 | EPSS Score: 0.01 | Published: 2001-08-22
ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path.
CVSS Score: 6.4 | EPSS Score: 0.036 | Published: 2001-05-03
Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.
CVSS Score: 10.0 | EPSS Score: 0.053 | Published: 2001-05-03

