Lucene search

[email protected]NVD:CVE-2006-6941

HistoryJan 19, 2007 - 12:28 a.m.

CVE-2006-6941

2007-01-1900:28:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.004

Percentile

74.2%

JSON

index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to obtain sensitive information via an invalid action parameter in an info operation, which discloses the path in an error message.

Affected configurations

Nvd

Node

freewebshopfreewebshopRange≤2.2.2

VendorProductVersionCPE
freewebshopfreewebshop*cpe:2.3:a:freewebshop:freewebshop:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
freewebshop	freewebshop	*	cpe:2.3:a:freewebshop:freewebshop::::::::

References

www.freewebshop.org/?id=27

www.exploit-db.com/exploits/2704

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.004

Percentile

74.2%

JSON

Related for NVD:CVE-2006-6941

cvelist1 cve1 exploitdb1