CVE-2006-2096

Sažetak

plug.php in Land Down Under (LDU) 802 and earlier allows remote attackers to obtain sensitive information via an invalid (1) month or (2) year parameter, which reveals the path in an error message.

Reference

http://securityreason.com/securityalert/814
http://www.securityfocus.com/archive/1/432235/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26143

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

18-10-2018 - 16:38

Objavljeno

29-04-2006 - 10:02