Lucene search

[email protected]NVD:CVE-2006-1105

HistoryMar 09, 2006 - 1:06 p.m.

CVE-2006-1105

2006-03-0913:06:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.013

Percentile

86.2%

JSON

Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not clear whether the vendor is disputing this particular issue.

Affected configurations

Nvd

Node

pixelpostpixelpostMatch1.4.3

pixelpostpixelpostMatch1.5_beta1

VendorProductVersionCPE
pixelpostpixelpost1.4.3cpe:2.3:a:pixelpost:pixelpost:1.4.3:*:*:*:*:*:*:*
pixelpostpixelpost1.5_beta1cpe:2.3:a:pixelpost:pixelpost:1.5_beta1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pixelpost	pixelpost	1.4.3	cpe:2.3:a:pixelpost:pixelpost:1.4.3:::::::*
pixelpost	pixelpost	1.5_beta1	cpe:2.3:a:pixelpost:pixelpost:1.5_beta1:::::::*

References

forum.pixelpost.org/showthread.php?t=3535

www.neosecurityteam.net/index.php?action=advisories&id=19

www.securityfocus.com/archive/1/426764/100/0/threaded

www.securityfocus.com/bid/16964

www.vupen.com/english/advisories/2006/0823

exchange.xforce.ibmcloud.com/vulnerabilities/25048

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.013

Percentile

86.2%

JSON

Related for NVD:CVE-2006-1105

cve1 prion1 cvelist1