Lucene search

[email protected]CVE-2006-3390

HistoryJul 06, 2006 - 8:05 p.m.

CVE-2006-3390

2006-07-0620:05:00

[email protected]

web.nvd.nist.gov

wordpress

cve-2006-3390

path disclosure

security vulnerability

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables.

Affected configurations

NVD

Node

wordpresswordpressMatch2.0.3

CPENameOperatorVersion
wordpress:wordpresswordpresseq2.0.3

CPE	Name	Operator	Version
wordpress:wordpress	wordpress	eq	2.0.3

References

secunia.com/advisories/20928

secunia.com/advisories/21447

security.gentoo.org/glsa/glsa-200608-19.xml

securityreason.com/securityalert/1187

www.securityfocus.com/archive/1/438942/100/0/threaded

www.securityfocus.com/archive/1/439062/100/0/threaded

www.securityfocus.com/bid/18779

www.vupen.com/english/advisories/2006/2661

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

Related for CVE-2006-3390

debiancve2 cvelist2 nvd2 ubuntucve2 patchstack1 openvas2 gentoo1 cve1 nessus1