2 matches found
CVE-2006-4499
ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPTSSLVERIFYPEER and CURLOPTSSLVERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle MITM attack...
CVE-2006-4499
CVE-2006-4499 affects ModernBill 5.0.4 and earlier. The root cause is insecure cURL SSL settings (CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST) that do not verify certificates, allowing remote attackers to read network traffic via a MITM. The connected documents confirm the MITM risk and tra...