CVE-2006-1201
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
84.5%
Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, and other versions before 2.0 Update 5, allows remote attackers to read arbitrary files via a … (dot dot) in the email parameter during a “Recover password” operation (recoverpw.php).
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| eschew.net | phpbannerexchange | 2.0 | cpe:2.3:a:eschew.net:phpbannerexchange:2.0:*:*:*:*:*:*:* |
| eschew.net | phpbannerexchange | 2.0_update_1 | cpe:2.3:a:eschew.net:phpbannerexchange:2.0_update_1:*:*:*:*:*:*:* |
| eschew.net | phpbannerexchange | 2.0_update_2 | cpe:2.3:a:eschew.net:phpbannerexchange:2.0_update_2:*:*:*:*:*:*:* |
| eschew.net | phpbannerexchange | 2.0_update_3 | cpe:2.3:a:eschew.net:phpbannerexchange:2.0_update_3:*:*:*:*:*:*:* |
| eschew.net | phpbannerexchange | 2.0_update_4 | cpe:2.3:a:eschew.net:phpbannerexchange:2.0_update_4:*:*:*:*:*:*:* |
References
archives.neohapsis.com/archives/fulldisclosure/2006-02/0879.html
secunia.com/advisories/19127
www.eschew.net/scripts/phpbe/2.0/releasenotes.php
www.h4cky0u.org/advisories/HYSA-2006-004-phpbanner.txt
www.osvdb.org/23720
www.securityfocus.com/archive/1/426940/100/0/threaded
www.securityfocus.com/bid/16996
www.vupen.com/english/advisories/2006/0869
exchange.xforce.ibmcloud.com/vulnerabilities/25071
exchange.xforce.ibmcloud.com/vulnerabilities/25080
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
84.5%