QwikSec

Security Database

CVE

CWE

Training

CVE-2012-0263

Published: Dec 31, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to obtain sensitive information such as database and user credentials via error messages that are triggered by (1) a malformed hoststatustypes parameter to status/service/all or (2) a crafted request to config.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_OSVDB

https://bugs.op5.com/view.php?id=5094

x_refsource_CONFIRM

http://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-appliance/

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

20120107 OP5 Monitor - Multiple Vulnerabilities

mailing-list

x_refsource_FULLDISC

http://www.ekelow.se/file_uploads/Advisories/ekelow-aid-2012-01.pdf

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.