{"id": "CVE-2006-5759", "bulletinFamily": "NVD", "title": "CVE-2006-5759", "description": "index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path of the web server via empty (1) rns[] or (2) pag[] arguments, which reveals the path in an error message.", "published": "2006-11-06T22:07:00", "modified": "2018-10-17T21:44:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5759", "reporter": "cve@mitre.org", "references": ["http://s-a-p.ca/index.php?page=OurAdvisories&id=5", "http://securityreason.com/securityalert/1825", "http://www.securityfocus.com/archive/1/450566/100/0/threaded", "https://exchange.xforce.ibmcloud.com/vulnerabilities/30012"], "cvelist": ["CVE-2006-5759"], "type": "cve", "lastseen": "2019-05-29T18:08:34", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "ae537c457987da7ea515bf0c71c025e7"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "3d914f72f8f6c716d69b68999cfad344"}, {"key": "cpe23", "hash": "f923ddd1b85c7a2746ec0381bba5af49"}, {"key": "cvelist", "hash": "b1b2785eb855924bbcbbfe630e7c686b"}, {"key": "cvss", "hash": "a89198c45ce87f7ec9735a085150b708"}, {"key": "cvss2", "hash": "f30109dfdbfbf783c0b61792a6b2c20a"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "bf056c983035beadf6c4482bc9390d3f"}, {"key": "href", "hash": "00a5aee293cc15c07facccf46f4345e3"}, {"key": "modified", "hash": "8012cf23a8e9c73c38ae0b0cadb5e006"}, {"key": "published", "hash": "8512e9cf2c10c99b55b6656a38213973"}, {"key": "references", "hash": "f424a05aff010fba6c700187928371d8"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "ffec66ae56d42b2e360bf823a0496850"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "df2b7cfa93d48ccd045f0f86dec6a7356f0c759fa1880d7d846fbbc1dddccdb7", "viewCount": 0, "enchantments": {"score": {"value": 5.6, "vector": "NONE", "modified": "2019-05-29T18:08:34"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:30204"]}], "modified": "2019-05-29T18:08:34"}, "vulnersScore": 5.6}, "objectVersion": "1.3", "cpe": ["cpe:/a:rhadrix:if-cms:1.01", "cpe:/a:rhadrix:if-cms:2.07"], "affectedSoftware": [{"name": "rhadrix if-cms", "operator": "eq", "version": "1.01"}, {"name": "rhadrix if-cms", "operator": "eq", "version": "2.07"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:rhadrix:if-cms:2.07:*:*:*:*:*:*:*", "cpe:2.3:a:rhadrix:if-cms:1.01:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:26", "bulletinFamily": "software", "description": "## Manual Testing Notes\n/index.php?rns[]=\n/index.php?pag[]=\n## References:\nVendor URL: http://www.rhadrix.com/\n[Secunia Advisory ID:22715](https://secuniaresearch.flexerasoftware.com/advisories/22715/)\n[Related OSVDB ID: 30203](https://vulners.com/osvdb/OSVDB:30203)\nOther Advisory URL: http://s-a-p.ca/index.php?page=OurAdvisories&id=5\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0066.html\nISS X-Force ID: 30012\n[CVE-2006-5759](https://vulners.com/cve/CVE-2006-5759)\n", "modified": "2006-11-04T07:33:55", "published": "2006-11-04T07:33:55", "href": "https://vulners.com/osvdb/OSVDB:30204", "id": "OSVDB:30204", "title": "If-CMS index.php Multiple Variable Path Disclosure", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}]}