CVE-2014-2301
OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive metadata via the inf operations (op=inf) to an object in pub/bscw.cgi/.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0028 (0.3%)
Percentile: 51.6%
EPSS: 2026-05-06
Affects
bscw:bscwTechnical description
OrbiTeam BSCW before 5.0.8 allows remote attackers to obtain sensitive metadata via the inf operations (op=inf) to an object in pub/bscw.cgi/.
Published: 5/12/2014, 2:55:06 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://www.bscw.de/english/news.html
- http://www.securityfocus.com/archive/1/532055/100/0/threaded
- https://www.redteam-pentesting.de/en/advisories/rt-sa-2014-003/-metadata-information-disclosure-in-orbiteam-bscw
- http://www.bscw.de/english/news.html
- http://www.securityfocus.com/archive/1/532055/100/0/threaded
- https://www.redteam-pentesting.de/en/advisories/rt-sa-2014-003/-metadata-information-disclosure-in-orbiteam-bscw