CVE-2006-3836

Sažetak

Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO, allows remote attackers to read arbitrary files via the rmid parameter.

Reference

http://secunia.com/advisories/21156
http://securityreason.com/securityalert/1280
http://www.securityfocus.com/archive/1/440765/100/0/threaded
http://www.securityfocus.com/bid/19107
http://www.vupen.com/english/advisories/2006/2948
https://exchange.xforce.ibmcloud.com/vulnerabilities/27898

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

17-10-2018 - 21:31

Objavljeno

25-07-2006 - 13:22