CVE-2007-1044

EPSS 8.5%

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2.

Productos afectados

n/a · n/a

PoCs públicas encontradas — 1

exploitdbwww.exploit-db.com/exploits/29615no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://osvdb.org/33741 http://securityreason.com/securityalert/2276 https://exchange.xforce.ibmcloud.com/vulnerabilities/32569 http://www.securityfocus.com/archive/1/460533/100/0/threaded http://www.securityfocus.com/archive/1/484569/100/200/threaded http://www.securityfocus.com/bid/22611