Lucene search

K
cve[email protected]CVE-2006-7001
HistoryOct 03, 2022 - 4:21 p.m.

CVE-2006-7001

2022-10-0316:21:25
web.nvd.nist.gov
22
cve-2006-7001
directory traversal
phpmychat plus
remote attackers
arbitrary file read

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.6%

Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 and earlier allows remote attackers to read arbitrary files via a … (dot dot) in the L parameter, a different issue than CVE-2006-5897. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD
Node
phpmychat_plusphpmychat_plusRange1.9

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.6%

Related for CVE-2006-7001