Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-2229

Published: 12/07/2005 Updated: 18/10/2016
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Blog Torrent

Vulnerability Summary

Blog Torrent 0.92 and previous versions stores sensitive files under the web document root in the (1) data or (2) torrents directories with insufficient access control, which allows remote malicious users to obtain sensitive information such as account names and password hashes, as demonstrated using data/newusers.

Vulnerable Product Search on Vulmon Subscribe to Product

blog torrent blog torrent

Exploits

Exploit DB: BlogTorrent 0.92 - Remote Password Disclosure
# Edited for easy info /str0ke Software: BlogTorrent 092 <= Vendor: wwwblogtorrentcom/ Author: LazyCrs && pjphem Date: 10/07/2005 Type: Remote/Local User Password Disclosure #0x03 - POC test/path_of_blog/data/newusers = d40:14ae696abdca1688dd577fe486c3981f331457b0d7:Createdi1120957648e5:Ema ...

References

NVD-CWE-Otherhttp://securitytracker.com/id?1014449http://secunia.com/advisories/15983http://marc.info/?l=bugtraq&m=112110868021563&w=2https://nvd.nist.govhttps://www.exploit-db.com/exploits/1097/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook