Vulnerability Details CVE-2006-5759
index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path of the web server via empty (1) rns[] or (2) pag[] arguments, which reveals the path in an error message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://s-a-p.ca/index.php?page=OurAdvisories&id=5
- http://securityreason.com/securityalert/1825
- http://www.securityfocus.com/archive/1/450566/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30012
- http://s-a-p.ca/index.php?page=OurAdvisories&id=5
- http://securityreason.com/securityalert/1825
- http://www.securityfocus.com/archive/1/450566/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30012