Vulnerability Details CVE-2006-6253
Cahier de texte 2.0 stores sensitive information under the web root, possibly with insufficient access control, which might allow remote attackers to obtain all users' passwords via a direct request for administration/dump.sql.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 67.0%
CVSS Severity
CVSS v2 Score 5.0
References
- http://acid-root.new.fr/poc/15061124.txt
- http://secunia.com/advisories/23122
- http://securityreason.com/securityalert/1961
- http://www.securityfocus.com/archive/1/452600/100/0/threaded
- http://www.securityfocus.com/bid/21283
- http://www.vupen.com/english/advisories/2006/4701
- http://acid-root.new.fr/poc/15061124.txt
- http://secunia.com/advisories/23122
- http://securityreason.com/securityalert/1961
- http://www.securityfocus.com/archive/1/452600/100/0/threaded
- http://www.securityfocus.com/bid/21283
- http://www.vupen.com/english/advisories/2006/4701
Products affected by CVE-2006-6253
-
cpe:2.3:a:cahier_de_textes:cahier_de_textes:2.0