CVE-2005-2029

Description

amaroK Web Frontend 1.3 stores the globals.inc file under the web root without a .php extension and insufficient access control, which allows remote attackers to obtain the database username and password via a direct request to the file.

Affected Software
References

Software	From	Fixed in
amarok / web_frontend	1.3	1.3.x

http://secunia.com/advisories/15736
http://sourceforge.net/project/shownotes.php?release_id=335719

Severity: High

CVE: CVE-2005-2029
Published: Jun 17, 2005
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CVE-2005-2029

Description

Details

CVSS v2