CVE-2006-4578

2007-01-0320:00:00

flexera

www.cve.org

AI Score

6.3

Confidence

Low

EPSS

0.016

Percentile

87.3%

JSON

export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.

References

osvdb.org/32563

secunia.com/advisories/21694

secunia.com/secunia_research/2006-76/advisory/

www.securityfocus.com/bid/21870

exchange.xforce.ibmcloud.com/vulnerabilities/31244