CVE-2006-1332

Sažetak

Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message.

Reference

http://securityreason.com/securityalert/471
http://securityreason.com/securityalert/605
http://www.securityfocus.com/archive/1/428157
https://exchange.xforce.ibmcloud.com/vulnerabilities/25331

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

21-03-2006 - 01:06