cpe:/a:workforceroi:xpede:4.1 CVE-2002-0580 2002-06-18T00:00:00.000-04:00 2008-09-05T16:28:24.100-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20020419 Xpede many vulnerabilities BID 4553 XF xpede-datasource-reveal-account(8902) WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks.