Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2250

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2250
Last Modified 05 Sep 2008 05:04:03
Published 09 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2250

Summary

CuteNews 1.4.1 allows remote attackers to obtain sensitive information via a direct request to (1) /inc/show.inc.php or (2) /inc/functions.inc.php, which reveal the path in an error message.

Vulnerable Systems

Application

  • Cutephp Cutenews 1.4.1


References

BUGTRAQ - 20060505 CuteNews 1.4.1 Multiple vulnerabilities

XF - cutenews-multiple-path-disclosure(26271)

OSVDB - 25306

OSVDB - 25305

SREASON - 860


Last Updated: 27 May 2016 10:42:24