CVE-2006-1105

Exploit

EPSS 1.67%
Veröffentlicht 09.03.2006 13:06:00
Zuletzt bearbeitet 16.06.2026 22:22:01
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function.  NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Pixelpost ≫ Pixelpost Version1.4.3

Pixelpost ≫ Pixelpost Version1.5_beta1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.67%	0.737

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://forum.pixelpost.org/showthread.php?t=3535

Exploit

http://www.neosecurityteam.net/index.php?action=advisories&id=19

Vendor Advisory

Exploit

http://www.securityfocus.com/archive/1/426764/100/0/threaded

http://www.securityfocus.com/bid/16964

Exploit

http://www.vupen.com/english/advisories/2006/0823

https://exchange.xforce.ibmcloud.com/vulnerabilities/25048

https://nvd.nist.gov/vuln/detail/CVE-2006-1105

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-1105

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-1105

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2006-1105