Lucene search

[email protected]CVE-2006-3050

HistoryJun 16, 2006 - 10:02 a.m.

CVE-2006-3050

2006-06-1610:02:00

[email protected]

web.nvd.nist.gov

cve-2006-3050

sixcms

directory traversal

vulnerability

sixcms 6.0

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

85.6%

JSON

Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to read arbitrary files via a … (dot dot) sequence and trailing null (%00) byte in the template parameter.

Affected configurations

NVD

Node

six_offene_systeme_gmbhsixcmsRange≤6.0

CPENameOperatorVersion
six_offene_systeme_gmbh:sixcmssix offene systeme gmbh sixcmsle6.0

CPE	Name	Operator	Version
six_offene_systeme_gmbh:sixcms	six offene systeme gmbh sixcms	le	6.0

References

securityreason.com/securityalert/1101

securitytracker.com/id?1016282

www.majorsecurity.de/advisory/major_rls17.txt

www.securityfocus.com/archive/1/437047/100/0/threaded

www.securityfocus.com/archive/1/437639/100/0/threaded

www.securityfocus.com/bid/18395

exchange.xforce.ibmcloud.com/vulnerabilities/27107

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

7 High

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

85.6%

JSON

Related for CVE-2006-3050

nvd1 cvelist1