Lucene search

K
cve[email protected]CVE-2006-2156
HistoryMay 03, 2006 - 10:02 a.m.

CVE-2006-2156

2006-05-0310:02:00
web.nvd.nist.gov
24
cve-2006-2156
directory traversal
x7 chat 2.0
vulnerability
remote attackers
arbitrary file inclusion

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.7%

Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via … (dot dot) sequences in the help_file parameter.

Affected configurations

NVD
Node
x7_groupx7_chatMatch1.3.2b
OR
x7_groupx7_chatMatch1.3.3b
OR
x7_groupx7_chatMatch1.3.4b
OR
x7_groupx7_chatMatch1.3.5b
OR
x7_groupx7_chatMatch1.3.6
OR
x7_groupx7_chatMatch2.0

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.7%

Related for CVE-2006-2156