Lucene search

[email protected]CVE-2006-6849

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-6849

2006-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

security

cve-2006-6849

authentication

unauthorized access

remote attackers

cahier de texte

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON

administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions.

CPENameOperatorVersion
cahier_de_textes:cahier_de_textescahier de texteseq2.2

CPE	Name	Operator	Version
cahier_de_textes:cahier_de_textes	cahier de textes	eq	2.2

References

acid-root.new.fr/poc/17061224.txt

www.securityfocus.com/archive/1/455299/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/31132

www.exploit-db.com/exploits/3016

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON