Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1680

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-1680
Last Modified 07 Mar 2011 09:33:34
Published 10 Apr 2006 08:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1680

Summary

Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php.

Vulnerable Systems

Application

  • Jupiter Cms 1.1.5


References

VUPEN - ADV-2006-1302

BUGTRAQ - 20060407 Multiple vulnerability in jupiter CMS

XF - jupitercm-online-path-disclosure(25703)

SECUNIA - 19582


Last Updated: 27 May 2016 10:42:09