VYPR

Xitami

by Xitami

CVEs (2)

  • CVE-2001-1481CriDec 31, 2001
    risk 0.64cvss 9.8epss 0.03

    Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.

  • CVE-2000-1225Dec 31, 2000
    risk 0.00cvss epss 0.01

    Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.