Main Vulnerability Database Exploits ID:3964 - Exploit for Information disclosure in SearchBlox - CVE-2013-3597

ID:3964 - Exploit for Information disclosure in SearchBlox - CVE-2013-3597

Published: August 11, 2020

Vulnerability identifier: #VU42625

Vulnerability risk: Medium

CVE-ID: CVE-2013-3597

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
SearchBlox

Link to public exploit:

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action.

Install update from vendor's website.