关键信息 漏洞概要 漏洞名称: Ezboo webstats access to sensitive files 风险等级: Medium 是否本地: No 是否远程: Yes CVE编号: CVE-2007-1043 CWE编号: CWE-Other CVSS评分 Base Score: 7.5/10 Impact Subscore: 6.4/10 Exploitability Subscore: 10/10 Attack complexity: Low Authentication: No required Confidentiality impact: Partial Integrity impact: Partial Availability impact: Partial 漏洞细节 发现者: sn00Py 相关站点: http://www.ezboo.com/softs 利用方式: - 只需将以下文件添加到URL: - http://www.target.ma/ezwebstats/update.php - http://www.target.ma/ezwebstats/config.php 搜索词(Dork) 联系方式 联系人: sn00Py (at) avenir-geopolitique (dot) net (email concealed) 参考链接 http://forums.avenir-geopolitique.net http://forums.avenir-geopolitique.net/viewtopic.php?t=2674