CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6890

Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.7%

CVSS Severity

CVSS v2 Score 7.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/31221
https://www.exploit-db.com/exploits/3044
https://exchange.xforce.ibmcloud.com/vulnerabilities/31221
https://www.exploit-db.com/exploits/3044

Products affected by CVE-2006-6890

Voc-Project » Voodoo Chat » Version: 1.0_rc1b

cpe:2.3:a:voc-project:voodoo_chat:1.0_rc1b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6890

Products

Pricing

Contact Us