6.4
CVE-2006-0869
- EPSS 14.18%
- Veröffentlicht 23.02.2006 23:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginDirectory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository (PEAR) LiveUser 0.16.8 and earlier allows remote attackers to determine file existence, and possibly delete arbitrary files with short pathnames or possibly read arbitrary files, via a .. (dot dot) in the store_id value of a cookie.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Pear ≫ Pear Liveuser Version0.3
Pear ≫ Pear Liveuser Version0.5
Pear ≫ Pear Liveuser Version0.5.1
Pear ≫ Pear Liveuser Version0.6
Pear ≫ Pear Liveuser Version0.6.1
Pear ≫ Pear Liveuser Version0.7
Pear ≫ Pear Liveuser Version0.8
Pear ≫ Pear Liveuser Version0.8.1
Pear ≫ Pear Liveuser Version0.9
Pear ≫ Pear Liveuser Version0.10.0
Pear ≫ Pear Liveuser Version0.11.0
Pear ≫ Pear Liveuser Version0.11.1
Pear ≫ Pear Liveuser Version0.12.0
Pear ≫ Pear Liveuser Version0.13.0
Pear ≫ Pear Liveuser Version0.13.1
Pear ≫ Pear Liveuser Version0.13.2
Pear ≫ Pear Liveuser Version0.13.3
Pear ≫ Pear Liveuser Version0.14.0
Pear ≫ Pear Liveuser Version0.15.0
Pear ≫ Pear Liveuser Version0.15.1
Pear ≫ Pear Liveuser Version0.16.0
Pear ≫ Pear Liveuser Version0.16.1
Pear ≫ Pear Liveuser Version0.16.2
Pear ≫ Pear Liveuser Version0.16.3
Pear ≫ Pear Liveuser Version0.16.4
Pear ≫ Pear Liveuser Version0.16.5
Pear ≫ Pear Liveuser Version0.16.6
Pear ≫ Pear Liveuser Version0.16.7
Pear ≫ Pear Liveuser Version0.16.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 14.18% | 0.941 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|