Lucene search

[email protected]NVD:CVE-2006-0604

HistoryFeb 08, 2006 - 11:02 p.m.

CVE-2006-0604

2006-02-0823:02:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.016

Percentile

87.6%

JSON

check.php in Hinton Design phphg Guestbook 1.2 does not check the user password when authenticating via cookies, which allows remote attackers to gain unauthorized access.

Affected configurations

Nvd

Node

hinton_designphphg_guestbookMatch1.2

VendorProductVersionCPE
hinton_designphphg_guestbook1.2cpe:2.3:a:hinton_design:phphg_guestbook:1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hinton_design	phphg_guestbook	1.2	cpe:2.3:a:hinton_design:phphg_guestbook:1.2:::::::*

References

evuln.com/vulns/58/description.html

secunia.com/advisories/18758

securitytracker.com/id?1015620

www.securityfocus.com/archive/1/424740/100/0/threaded

www.securityfocus.com/bid/16541

www.vupen.com/english/advisories/2006/0480

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.016

Percentile

87.6%

JSON

Related for NVD:CVE-2006-0604

cvelist1 cve1 prion1 packetstorm1 securityvulns1