5

CVE-2006-1105

Exploit

EPSS 0.76%
Veröffentlicht 09.03.2006 13:06:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function.  NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Pixelpost ≫ Pixelpost Version1.4.3

Pixelpost ≫ Pixelpost Version1.5_beta1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.76%	0.711

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://forum.pixelpost.org/showthread.php?t=3535

Exploit

http://www.neosecurityteam.net/index.php?action=advisories&id=19

Vendor Advisory

Exploit

http://www.securityfocus.com/archive/1/426764/100/0/threaded

http://www.securityfocus.com/bid/16964

Exploit

http://www.vupen.com/english/advisories/2006/0823

https://exchange.xforce.ibmcloud.com/vulnerabilities/25048

https://nvd.nist.gov/vuln/detail/CVE-2006-1105

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-1105

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-1105

EUVD