5

CVE-2006-2617

EPSS 0.81%
Veröffentlicht 26.05.2006 01:06:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

(1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote attackers to obtain the installation path via an invalid entry in the Username field on the login page, which causes the path to be displayed in an SQL error.  NOTE: this issue might be resultant from SQL injection.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Alstrasoft ≫ Webhost Directory Version1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.81%	0.733

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://secunia.com/advisories/20276

Vendor Advisory

http://secunia.com/advisories/20278

Vendor Advisory

http://securityreason.com/securityalert/955

http://www.securityfocus.com/archive/1/434912/100/0/threaded

http://www.vupen.com/english/advisories/2006/1972

http://www.vupen.com/english/advisories/2006/1973

http://www.sitepoint.com/forums/showthread.php?t=311969

https://exchange.xforce.ibmcloud.com/vulnerabilities/26656

https://exchange.xforce.ibmcloud.com/vulnerabilities/26661

https://nvd.nist.gov/vuln/detail/CVE-2006-2617

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2617

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2617

EUVD