Lucene search

MitreCVE-2006-4835

HistorySep 15, 2006 - 10:07 p.m.

CVE-2006-4835

2006-09-1522:07:00

mitre

web.nvd.nist.gov

bluview blue magic board

bmb

remote attackers

sensitive information

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.006

Percentile

79.1%

JSON

Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.

Affected configurations

Nvd

Node

bluviewblue_magic_boardMatch5.5

VendorProductVersionCPE
bluviewblue_magic_board5.5cpe:2.3:a:bluview:blue_magic_board:5.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bluview	blue_magic_board	5.5	cpe:2.3:a:bluview:blue_magic_board:5.5:::::::*

References

securityreason.com/securityalert/1586

www.securityfocus.com/archive/1/446037/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/28949

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.006

Percentile

79.1%

JSON

Related for CVE-2006-4835