Lucene search

[email protected]CVE-2006-6829

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-6829

2006-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6829

efkan forum

sensitive information

web security

access control

7.2 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.004 Low

EPSS

Percentile

71.7%

JSON

Efkan Forum 1.0 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

CPENameOperatorVersion
efkan_forum:efkan_forumefkan forumle1.0

CPE	Name	Operator	Version
efkan_forum:efkan_forum	efkan forum	le	1.0

References

www.vupen.com/english/advisories/2006/5150

7.2 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.004 Low

EPSS

Percentile

71.7%

JSON