Lucene search

MitreCVE-2006-3050

HistoryJun 16, 2006 - 10:02 a.m.

CVE-2006-3050

2006-06-1610:02:00

mitre

web.nvd.nist.gov

cve-2006-3050

sixcms

directory traversal

vulnerability

sixcms 6.0

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.013

Percentile

85.6%

JSON

Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to read arbitrary files via a … (dot dot) sequence and trailing null (%00) byte in the template parameter.

Affected configurations

Nvd

Node

six_offene_systeme_gmbhsixcmsRange≤6.0

VendorProductVersionCPE
six_offene_systeme_gmbhsixcms*cpe:2.3:a:six_offene_systeme_gmbh:sixcms:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
six_offene_systeme_gmbh	sixcms	*	cpe:2.3:a:six_offene_systeme_gmbh:sixcms::::::::

References

securityreason.com/securityalert/1101

securitytracker.com/id?1016282

www.majorsecurity.de/advisory/major_rls17.txt

www.securityfocus.com/archive/1/437047/100/0/threaded

www.securityfocus.com/archive/1/437639/100/0/threaded

www.securityfocus.com/bid/18395

exchange.xforce.ibmcloud.com/vulnerabilities/27107

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

AI Score

Confidence

Low

EPSS

0.013

Percentile

85.6%

JSON

Related for CVE-2006-3050