- Description
- Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centrinity:centrinity_firstclass:7.1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6735D6E1-5D8A-431E-B9C1-74ED82AF3DDF"
}
],
"operator": "OR"
}
]
}
]