Lucene search

[email protected]NVD:CVE-2006-1332

HistoryMar 21, 2006 - 1:06 a.m.

CVE-2006-1332

2006-03-2101:06:00

[email protected]

web.nvd.nist.gov

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.012

Percentile

85.0%

JSON

Noah’s Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message.

Affected configurations

Nvd

Node

phpoutsourcingnoahs_classifiedsRange≤1.3

VendorProductVersionCPE
phpoutsourcingnoahs_classifieds*cpe:2.3:a:phpoutsourcing:noahs_classifieds:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpoutsourcing	noahs_classifieds	*	cpe:2.3:a:phpoutsourcing:noahs_classifieds::::::::

References

securityreason.com/securityalert/471

securityreason.com/securityalert/605

www.securityfocus.com/archive/1/428157

exchange.xforce.ibmcloud.com/vulnerabilities/25331

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.012

Percentile

85.0%

JSON

Related for NVD:CVE-2006-1332

cve1 prion1 cvelist1