Lucene search

K
cve[email protected]CVE-2006-2156
HistoryMay 03, 2006 - 10:02 a.m.

CVE-2006-2156

2006-05-0310:02:00
web.nvd.nist.gov
24
cve-2006-2156
directory traversal
x7 chat 2.0
vulnerability
remote attackers
arbitrary file inclusion

6.7 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.014 Low

EPSS

Percentile

86.6%

Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via … (dot dot) sequences in the help_file parameter.

Affected configurations

NVD
Node
x7_groupx7_chatMatch1.3.2b
OR
x7_groupx7_chatMatch1.3.3b
OR
x7_groupx7_chatMatch1.3.4b
OR
x7_groupx7_chatMatch1.3.5b
OR
x7_groupx7_chatMatch1.3.6
OR
x7_groupx7_chatMatch2.0

6.7 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.014 Low

EPSS

Percentile

86.6%

Related for CVE-2006-2156