CVE-2005-4029

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1470%

EPSS Percentile40.11th

Published2005年12月5日

Last Modified2026年4月16日

Vulnerability Description

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods.

Affected Platforms (CPE)

📦

Esi Products

Webeoc

<= 6.0.1

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/170394

相關漏洞威脅

CVE-2005-228610.0

WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct requ...

CVE-2005-22817.5

WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for attackers to crack passwords.

CVE-2005-22847.5

Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack v...

CVE-2005-22855.0

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remot...