CVE-2005-2229 in Blog Torrentinfo

Summary

Blog Torrent 0.92 and earlier stores sensitive files under the web document root in the (1) data or (2) torrents directories with insufficient access control, which allows remote attackers to obtain sensitive information such as account names and password hashes, as demonstrated using data/newusers.

Once again VulDB remains the best source for vulnerability data.

Reservation

07/12/2005

Disclosure

07/12/2005

Moderation

VulDB entry created

Entries

VDB-25756 (1)

CPE

ready

CWE

CWE-200 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.03263

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-2229
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2229
CVE Details	https://www.cvedetails.com/cve/CVE-2005-2229/

◂ Previous Overview Next ▸