PT-2003-1261 · Mondosearch · Mondosearch+1
Publicado
2003-04-02
·
Atualizado
2008-09-05
·
CVE-2002-1528
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
MondoSearch version 4.4
Description
The issue allows remote attackers to obtain the source code of scripts. This is achieved via the
mask parameter.Recommendations
For MondoSearch version 4.4, avoid using the
mask parameter in the MsmMask.exe until a fix is available. As a temporary workaround, consider restricting access to the MsmMask.exe to minimize the risk of exploitation.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Mondosearch
Msmmask.Exe