← back
CVE-2007-1044

CVE-2007-1044

EPSS 8.5%
Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/29615unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/33741http://securityreason.com/securityalert/2276https://exchange.xforce.ibmcloud.com/vulnerabilities/32569http://www.securityfocus.com/archive/1/460533/100/0/threadedhttp://www.securityfocus.com/archive/1/484569/100/200/threadedhttp://www.securityfocus.com/bid/22611