CVE-2006-6457

2006-12-1117:00:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.0%

JSON

tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.

References

www.securityfocus.com/archive/1/452639/100/200/threaded