Lucene search

[email protected]NVD:CVE-2006-2156

HistoryMay 03, 2006 - 10:02 a.m.

CVE-2006-2156

2006-05-0310:02:00

[email protected]

web.nvd.nist.gov

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.7%

JSON

Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via … (dot dot) sequences in the help_file parameter.

Affected configurations

NVD

Node

x7_groupx7_chatMatch1.3.2b

x7_groupx7_chatMatch1.3.3b

x7_groupx7_chatMatch1.3.4b

x7_groupx7_chatMatch1.3.5b

x7_groupx7_chatMatch1.3.6

x7_groupx7_chatMatch2.0

References

secunia.com/advisories/19886

securityreason.com/securityalert/829

www.osvdb.org/25149

www.securityfocus.com/archive/1/432716/100/0/threaded

www.securityfocus.com/bid/17777

www.vupen.com/english/advisories/2006/1608

exchange.xforce.ibmcloud.com/vulnerabilities/26218

www.exploit-db.com/exploits/1738

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.7%

JSON

Related for NVD:CVE-2006-2156

cve2 nessus1 prion2 cvelist2 nvd1