CVE-2005-0853

betaparticle blog (bp blog) stores the database under the web root, which allows remote attackers to obtain sensitive information via a direct request to (1) dbBlogMX.mdb for versions before 3.0, or (2) Blog.mdb for versions 3.0 and later. NOTE: it was later reported that vector 2 also affects versions 6.0 through 9.0.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:betaparticle:betaparticle_blog:2.0:*:*:*:*:*:*:*
cpe:2.3:a:betaparticle:betaparticle_blog:3.0:*:*:*:*:*:*:*

History

20 Nov 2024, 23:56

Type Values Removed Values Added
References () http://seclists.org/lists/bugtraq/2005/Mar/0360.html - () http://seclists.org/lists/bugtraq/2005/Mar/0360.html -
References () http://secunia.com/advisories/14668 - Patch, Vendor Advisory () http://secunia.com/advisories/14668 - Patch, Vendor Advisory
References () http://secunia.com/advisories/33233 - () http://secunia.com/advisories/33233 -
References () http://www.securityfocus.com/bid/12861 - Exploit () http://www.securityfocus.com/bid/12861 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/19779 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/19779 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/47419 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/47419 -
References () https://www.exploit-db.com/exploits/7499 - () https://www.exploit-db.com/exploits/7499 -

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:56


NVD link : CVE-2005-0853

Mitre link : CVE-2005-0853

CVE.ORG link : CVE-2005-0853


JSON object : View

Products Affected

betaparticle

  • betaparticle_blog