Lucene search

MitreCVE-2006-2540

HistoryMay 23, 2006 - 10:06 a.m.

CVE-2006-2540

2006-05-2310:06:00

mitre

web.nvd.nist.gov

cve-2006-2540

diesel php job site

privacy leak

install.php

sensitive information

user credentials

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

Privacy leak in install.php for Diesel PHP Job Site sends sensitive information such as user credentials to an e-mail address controlled by the product developers.

Affected configurations

Nvd

Node

dieselscriptsdiesel_job_site

VendorProductVersionCPE
dieselscriptsdiesel_job_site*cpe:2.3:a:dieselscripts:diesel_job_site:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dieselscripts	diesel_job_site	*	cpe:2.3:a:dieselscripts:diesel_job_site::::::::

References

secunia.com/advisories/20142

www.securityfocus.com/archive/1/434369/100/0/threaded

www.securityfocus.com/archive/1/435382/100/0/threaded

www.securityfocus.com/archive/1/435408/100/0/threaded

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

Related for CVE-2006-2540