Vulnerability Details CVE-2006-4043
index.php in myWebland myBloggie 2.1.4 and earlier allows remote attackers to obtain sensitive information via a query that only specifies the viewdate mode, which reveals the table prefix in a SQL error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://retrogod.altervista.org/mybloggie_214_sql.html
- http://secunia.com/advisories/21376
- http://securityreason.com/securityalert/1347
- http://www.securityfocus.com/archive/1/442323/100/0/threaded
- http://www.vupen.com/english/advisories/2006/3179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28242
- https://www.exploit-db.com/exploits/2118
- http://retrogod.altervista.org/mybloggie_214_sql.html
- http://secunia.com/advisories/21376
- http://securityreason.com/securityalert/1347
- http://www.securityfocus.com/archive/1/442323/100/0/threaded
- http://www.vupen.com/english/advisories/2006/3179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28242
- https://www.exploit-db.com/exploits/2118
Products affected by CVE-2006-4043
-
cpe:2.3:a:mywebland:mybloggie:*
-
cpe:2.3:a:mywebland:mybloggie:2.1.1
-
cpe:2.3:a:mywebland:mybloggie:2.1.2
-
cpe:2.3:a:mywebland:mybloggie:2.1.3
-
cpe:2.3:a:mywebland:mybloggie:2.1.3_beta