exploitDog

CVE-2006-7061

Опубликовано: 24 фев. 2007

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scriptsez.net:e-dating_system:*:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00878

Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-6vhh-cxfv-5pqp

github

почти 4 года назад

Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks.

EPSS

Процентиль: 75%

0.00878

Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other