CVE-2013-1402

DigiLIBE 3.4 - Exposure of Sensitive Configuration Information via Direct Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1402. PoCs published by Robert Gilbert.

AI-analyzed exploit summary This is a vulnerability writeup describing an information disclosure vulnerability in DigiLIBE 3.4. The exploit involves accessing a specific URL path to bypass authentication and retrieve sensitive configuration data.

Description

DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Robert Gilbert · textwebappsphp
https://www.exploit-db.com/exploits/38234

This is a vulnerability writeup describing an information disclosure vulnerability in DigiLIBE 3.4. The exploit involves accessing a specific URL path to bypass authentication and retrieve sensitive configuration data.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: DigiLIBE 3.4
No auth needed
Prerequisites: Network access to the target application
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-01/0095.html

Scores

EPSS 0.0633
EPSS Percentile 92.8%

Details

CWE
CWE-200
Status published
Products (1)
digitiliti/digilibe 3.4
Published Feb 14, 2013
Tracked Since Feb 18, 2026