Lucene search

[email protected]CVE-2006-2404

HistoryMay 16, 2006 - 1:02 a.m.

CVE-2006-2404

2006-05-1601:02:00

[email protected]

web.nvd.nist.gov

cve-2006-2404

directory traversal

radscripts

radlance gold 7.0

security vulnerability

remote attackers

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a … (dot dot) in the read parameter.

Affected configurations

NVD

Node

radscriptsradlanceMatch7.0gold

CPENameOperatorVersion
radscripts:radlanceradscripts radlanceeq7.0

CPE	Name	Operator	Version
radscripts:radlance	radscripts radlance	eq	7.0

References

downloads.securityfocus.com/vulnerabilities/exploits/RadLance-0515-lfi.pl

secunia.com/advisories/20133

www.osvdb.org/25522

www.securiteam.com/exploits/5VP0C1FIKY.html

www.securityfocus.com/archive/1/434327/100/0/threaded

www.securityfocus.com/bid/17975

www.vupen.com/english/advisories/2006/1816

exchange.xforce.ibmcloud.com/vulnerabilities/26492

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Related for CVE-2006-2404

prion1 cvelist1 nvd1