5

CVE-2006-2617

EPSS 0.81%
Published 26.05.2006 01:06:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

(1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote attackers to obtain the installation path via an invalid entry in the Username field on the login page, which causes the path to be displayed in an SQL error.  NOTE: this issue might be resultant from SQL injection.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Alstrasoft ≫ Webhost Directory Version1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.81%	0.733

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://secunia.com/advisories/20276

Vendor Advisory

http://secunia.com/advisories/20278

Vendor Advisory

http://securityreason.com/securityalert/955

http://www.securityfocus.com/archive/1/434912/100/0/threaded

http://www.vupen.com/english/advisories/2006/1972

http://www.vupen.com/english/advisories/2006/1973

http://www.sitepoint.com/forums/showthread.php?t=311969

https://exchange.xforce.ibmcloud.com/vulnerabilities/26656

https://exchange.xforce.ibmcloud.com/vulnerabilities/26661

https://nvd.nist.gov/vuln/detail/CVE-2006-2617

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2617

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2617

EUVD