Lucene search

[email protected]NVD:CVE-2006-4938

HistorySep 23, 2006 - 12:07 a.m.

CVE-2006-4938

2006-09-2300:07:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

46.7%

JSON

help.php in Moodle before 1.6.2 does not check the existence of certain help files before including them, which might allow remote authenticated users to obtain the path in an error message.

Affected configurations

Nvd

Node

moodlemoodleRange≤1.6.1

moodlemoodleMatch1.6.0

VendorProductVersionCPE
moodlemoodle*cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
moodlemoodle1.6.0cpe:2.3:a:moodle:moodle:1.6.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moodle	moodle	*	cpe:2.3:a:moodle:moodle::::::::
moodle	moodle	1.6.0	cpe:2.3:a:moodle:moodle:1.6.0:::::::*

References

docs.moodle.org/en/Release_notes#Moodle_1.6.2

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

46.7%

JSON

Related for NVD:CVE-2006-4938

cvelist1 cve1 ubuntucve1