5

CVE-2006-0371

Exploit

EPSS 0.96%
Veröffentlicht 22.01.2006 20:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers to read arbitrary .txt files, possibly including one that stores the administrator's account name and password, via a .. (dot dot) in the post parameter.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Noah Medling ≫ Rcblog Version1.03

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.96%	0.744

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://evuln.com/vulns/42/summary.html

Vendor Advisory

Exploit

http://secunia.com/advisories/18547

Vendor Advisory

http://securitytracker.com/id?1015523

http://www.fluffington.com/index.php?page=rcblog

URL Repurposed

http://www.securityfocus.com/archive/1/422499/100/0/threaded

http://www.osvdb.org/22680

http://www.securityfocus.com/archive/1/425392/100/0/threaded

http://www.securityfocus.com/archive/1/436784/30/4500/threaded

http://www.securityfocus.com/bid/16342

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/24248

https://exchange.xforce.ibmcloud.com/vulnerabilities/27042

https://nvd.nist.gov/vuln/detail/CVE-2006-0371

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0371

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0371

EUVD