Lucene search

[email protected]CVE-2006-1680

HistoryApr 11, 2006 - 12:02 a.m.

CVE-2006-1680

2006-04-1100:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1680

jupiter cms

display_errors

remote attack

path disclosure

security vulnerability

7.4 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

79.2%

JSON

Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php.

CPENameOperatorVersion
jupiter_cms:jupiter_cmsjupiter cmseq1.1.5

CPE	Name	Operator	Version
jupiter_cms:jupiter_cms	jupiter cms	eq	1.1.5

References

secunia.com/advisories/19582

www.securityfocus.com/archive/1/430391/100/0/threaded

www.vupen.com/english/advisories/2006/1302

exchange.xforce.ibmcloud.com/vulnerabilities/25703

7.4 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.007 Low

EPSS

Percentile

79.2%

JSON

Related for CVE-2006-1680

prion1