Lucene search

MitreCVE-2006-6229

HistoryDec 02, 2006 - 2:28 a.m.

CVE-2006-6229

2006-12-0202:28:00

mitre

web.nvd.nist.gov

codewalkers

ltwcalendar

php event calendar

password security

log file privacy

cve-2006-6229

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

62.4%

JSON

Codewalkers ltwCalendar (aka PHP Event Calendar) before 4.2.1 logs failed passwords, which might allow attackers to infer correct passwords from the log file.

Affected configurations

Nvd

Node

codewalkersltwcalendarMatch4.1.3

codewalkersltwcalendarMatch4.2

VendorProductVersionCPE
codewalkersltwcalendar4.1.3cpe:2.3:a:codewalkers:ltwcalendar:4.1.3:*:*:*:*:*:*:*
codewalkersltwcalendar4.2cpe:2.3:a:codewalkers:ltwcalendar:4.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
codewalkers	ltwcalendar	4.1.3	cpe:2.3:a:codewalkers:ltwcalendar:4.1.3:::::::*
codewalkers	ltwcalendar	4.2	cpe:2.3:a:codewalkers:ltwcalendar:4.2:::::::*

References

ltwcalendar.sourceforge.net/changelog.php

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.9

Confidence

Low

EPSS

0.002

Percentile

62.4%

JSON

Related for CVE-2006-6229