Lucene search
HistoryMar 28, 2006 - 10:02 p.m.
CVE-2006-1432
cve-2006-1432
fusionzone
couponzone
remote attackers
path disclosure
web server
sensitive information
sql manipulation
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.2%
fusionZONE couponZONE 4.2 allows remote attackers to obtain the full path of the web server, and other sensitive information, via invalid values, as demonstrated using manipulations associated with SQL.
Affected configurations
Node
fusionzonecouponzoneMatch4.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| fusionzone:couponzone | fusionzone couponzone | eq | 4.2 |
Related
cvelist
cvelist
CVE-2006-1432
2006-03-28 22:00:00
prion
prion
Design/Logic Flaw
2006-03-28 22:02:00
nvd
nvd
CVE-2006-1432
2006-03-28 22:02:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.2%
Related for CVE-2006-1432