| |
Vulnerability CVE-2006-3965
Published: 2006-08-01 Modified: 2012-02-12
| Description: |
Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords. |
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5/10 |
2.9/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://marc.theaimsgroup.com/?l=full-disclosure&m=115423462216111&w=2
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
