CyberSec.Space Logo
Back to CVE Browser

CVE-2005-2285

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile38.60th
PublishedJul 18, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.

Affected Platforms (CPE)

πŸ“¦
Esi Products

Webeoc

<= 6.0.1

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/165290
πŸ”— http://www.kb.cert.org/vuls/id/JGEI-6BWPXL
πŸ”— http://www.kb.cert.org/vuls/id/165290
πŸ”— http://www.kb.cert.org/vuls/id/JGEI-6BWPXL

Related Vulnerabilities

CVE-2005-228610.0

WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct requ...

CVE-2005-22817.5

WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for attackers to crack passwords.

CVE-2005-22847.5

Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack v...

CVE-2005-40295.0

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could...