CVE-2006-1332

Published Mar 21, 2006

Last updated 7 years ago

Overview

Description: Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.4
Impact score: 4.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:phpoutsourcing:noahs_classifieds:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BFDD5F6-900F-45CE-9AB0-59161C853476",
            "versionEndIncluding": "1.3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References