CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2005-2285

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile38.60th
Published2005年7月18日
Last Modified2026年4月16日

Vulnerability Description

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.

Affected Platforms (CPE)

📦
Esi Products

Webeoc

<= 6.0.1

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/165290
🔗 http://www.kb.cert.org/vuls/id/JGEI-6BWPXL
🔗 http://www.kb.cert.org/vuls/id/165290
🔗 http://www.kb.cert.org/vuls/id/JGEI-6BWPXL

相關漏洞威脅

CVE-2005-228610.0

WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct requ...

CVE-2005-22817.5

WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for attackers to crack passwords.

CVE-2005-22847.5

Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack v...

CVE-2005-40295.0

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could...