exploitDog

CVE-2006-7060

Опубликовано: 24 фев. 2007

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2006-06/0067.html
Exploit
http://secunia.com/advisories/20535
Vendor Advisory
http://securityreason.com/securityalert/2300
http://archives.neohapsis.com/archives/bugtraq/2006-06/0067.html
Exploit
http://secunia.com/advisories/20535
Vendor Advisory
http://securityreason.com/securityalert/2300

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scriptsez.net:e-dating_system:*:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00376

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-f8jf-pwp5-j7h9

github

почти 4 года назад

cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message.

EPSS

Процентиль: 59%

0.00376

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other