CVE-2005-2029
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2005-2029
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
amaroK Web Frontend 1.3 stores the globals.inc file under the web root without a .php extension and insufficient access control, which allows remote attackers to obtain the database username and password via a direct request to the file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
amaroK Web Frontend 'globals.inc'敏感信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
amaroK Web Frontend 1.3对web根目录下存储的globals.inc文件未加.php扩展名,且访问控制不足,远程攻击者可利用此漏洞借助对该文件的直接请求获得数据库用户名和密码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2005-2029
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2005-2029
请登录查看更多情报信息。
- http://sourceforge.net/project/shownotes.php?release_id=335719x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2005-2029
Same Patch Batch · n/a · 2005-06-21 · 163 CVEs total
| CVE-2002-1753 | CSNews Professional远程执行任意命令漏洞 | |
| CVE-2002-1743 | Mirabilis ICQ .hpf本地拒绝服务攻击漏洞 | |
| CVE-2002-1744 | Microsoft IIS示例脚本CodeBrws.asp远程读取特定脚本源码漏洞 | |
| CVE-2002-1745 | Microsoft IIS CodeBrws.ASP检查文件扩展名不当漏洞 | |
| CVE-2002-1746 | Vtun漏洞 | |
| CVE-2002-1747 | Vtun数据安全受到威胁 | |
| CVE-2002-1748 | Slashcode登录任意用户帐号漏洞 | |
| CVE-2002-1749 | Microsoft Windows 2000务器终端服务故障锁定终端漏洞 | |
| CVE-2002-1750 | CSGuestbook可远程执行任意命令漏洞 | |
| CVE-2002-1751 | CSLiveSupport远程执行任意命令漏洞 | |
| CVE-2002-1752 | CSChat-R-Box远程执行任意命令漏洞 | |
| CVE-2002-1758 | PHPProjekt未授权脚本可访问漏洞 | |
| CVE-2002-1762 | Microsoft Baseline Security Analyzer报告文件明文存放漏洞 | |
| CVE-2002-1761 | PHProjekt目录遍历漏洞 | |
| CVE-2002-1760 | PHPProjekt可插入SQL命令漏洞 | |
| CVE-2002-1759 | PHPProjekt本地文件可读取漏洞 | |
| CVE-2002-1756 | ACD Systems ACDSee Photo Album文件描述缓冲区溢出漏洞 | |
| CVE-2002-1754 | Novell NetWare Client缓冲区溢出漏洞 | |
| CVE-2002-1755 | tinc 1.0pre3 和 1.0pre4 VPN数据漏洞 | |
| CVE-2002-1742 | SOAP::Lite远程任意命令可执行漏洞 |
Showing top 20 of 163 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2005-2029
No comments yet