Vulnerabilities > CVE-2007-3079 - Information Disclosure vulnerability in EQdkp

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

network

eqdkp

NVD

Published: 2007-06-06

Updated: 2017-07-29

Summary

listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to obtain sensitive information via an invalid compare parameter, which reveals the path.

Vulnerable Configurations

Part	Description	Count
Application	Eqdkp Eqdkp Eqdkp *	1

References

http://marc.info/?l=full-disclosure&m=118093304724372&w=2
http://osvdb.org/38363
https://exchange.xforce.ibmcloud.com/vulnerabilities/34694