← back
CVE-2008-5678

CVE-2008-5678

EPSS 2.0%
Fretwell-Downing Informatics (FDI) OLIB7 WebView 2.5.1.1 allows remote authenticated users to obtain sensitive information from files via the infile parameter to the default URI under cgi/, as demonstrated by the (1) get_settings.ini, (2) setup.ini, and (3) text.ini files.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/6653unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/4790https://exchange.xforce.ibmcloud.com/vulnerabilities/45638https://www.exploit-db.com/exploits/6653http://www.securityfocus.com/bid/31544