Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2566

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2566
Last Modified 07 Mar 2011 09:36:31
Published 24 May 2006 04:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2566

Summary

Alstrasoft Article Manager Pro 1.6 allows remote attackers to obtain sensitive information via (1) a quote character or possibly an invalid value in the action parameter in a request to mrarticles.php or (2) a login QUERY_STRING to admin.php without any additional parameters, which reveal the path in various error messages.

Vulnerable Systems

Application

  • Alstrasoft Article Manager Pro 1.6


References

VUPEN - ADV-2006-1943

BUGTRAQ - 20060522 Alstrasoft Article Manager Pro v1.6

XF - article-manager-multi-scripts-path-disclosure(26676)

SREASON - 949


Last Updated: 27 May 2016 10:42:40