Lucene search

K
cve[email protected]CVE-2006-2698
HistoryMay 31, 2006 - 10:06 a.m.

CVE-2006-2698

2006-05-3110:06:00
NVD-CWE-Other
web.nvd.nist.gov
18
cve-2006-2698
geeklog
security vulnerability
remote attack

7.5 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.015 Low

EPSS

Percentile

86.6%

Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invalid arguments to (1) layout/professional/functions.php or (2) getimage.php.

7.5 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.015 Low

EPSS

Percentile

86.6%

Related for CVE-2006-2698