Lucene search

[email protected]CVE-2006-6262

HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-6262

2006-12-0411:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6262

directory traversal

mboard.php

phpjunkyard

mboard 1.22

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.017 Low

EPSS

Percentile

87.6%

JSON

Directory traversal vulnerability in mboard.php in PHPJunkYard (aka Klemen Stirn) MBoard 1.22 and earlier allows remote attackers to create arbitrary empty files via a … (dot dot) in the orig_id parameter.

CPENameOperatorVersion
phpjunkyard:phpjunkyard_mboardphpjunkyard phpjunkyard mboardle1.22

CPE	Name	Operator	Version
phpjunkyard:phpjunkyard_mboard	phpjunkyard phpjunkyard mboard	le	1.22

References

secunia.com/advisories/23129

securityreason.com/securityalert/1988

www.mayhemiclabs.com/advisories/MHL-2006-004.txt

www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006004

www.securityfocus.com/archive/1/452772/100/0/threaded

www.securityfocus.com/bid/21304

www.vupen.com/english/advisories/2006/4769

exchange.xforce.ibmcloud.com/vulnerabilities/30558

7.5 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.017 Low

EPSS

Percentile

87.6%

JSON