Lucene search
MitreCVE-2006-6457HistoryDec 11, 2006 - 5:28 p.m.
CVE-2006-6457
2006-12-1117:28:00
CWE-200
mitre
web.nvd.nist.gov
26
cve-2006-6457
tikiwiki
information security
remote attack
sensitive information
mysql
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
72.1%
tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
Affected configurations
Node
tikitikiwiki_cms\/groupwareMatch1.9.2
ORtikitikiwiki_cms\/groupwareMatch1.9.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tiki | tikiwiki_cms\/groupware | 1.9.2 | cpe:2.3:a:tiki:tikiwiki_cms\/groupware:1.9.2:*:*:*:*:*:*:* |
| tiki | tikiwiki_cms\/groupware | 1.9.5 | cpe:2.3:a:tiki:tikiwiki_cms\/groupware:1.9.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2006-6457
2006-12-11 17:00:00
nvd
nvd
CVE-2006-6457
2006-12-11 17:28:00
ubuntucve
ubuntucve
CVE-2006-6457
2006-12-11 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
72.1%
Related for CVE-2006-6457