CVE-2006-3370

2006-07-0620:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.

References

securityreason.com/securityalert/1192

www.securityfocus.com/archive/1/438964/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/27576