3 matches found
CVE-2006-6819
CVE-2006-6819 concerns AlstraSoft Web Host Directory, where sensitive information is stored under the web root due to insufficient access control. The vulnerability allows remote attackers to download a backup database by issuing a direct request to admin/backup/db. The public records indicate th...
CVE-2006-6817
The CVE-2006-6817 issue affects AlstraSoft Web Host Directory (also listed as HyperStop WebHost Directory 1.2). Affected component: login/URI handling that, when an invalid URI is requested, exposes the installation path in the error message, enabling a remote attacker to obtain sensitive informa...
CVE-2006-6818
CVE-2006-6818 affects AlstraSoft Web Host Directory. The vulnerability allows remote attackers to bypass authentication and change the admin password via a direct request to /admin/config. CVSS v2 base score 7.5 (HIGH) with network attack vector and no authentication required; impact includes par...