1. CVE-Search
  2. CVE-2006-1718
ID CVE-2006-1718
Summary Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc.
References
Vulnerable Configurations
  • cpe:2.3:a:clever_copy:clever_copy:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clever_copy:clever_copy:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clever_copy:clever_copy:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:clever_copy:clever_copy:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:clever_copy:clever_copy:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:clever_copy:clever_copy:2.0a:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:2.0a:*:*:*:*:*:*:*
  • cpe:2.3:a:clever_copy:clever_copy:*:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:*:*:*:*:*:*:*:*
  • cpe:2.3:a:clever_copy:clever_copy:23.0:*:*:*:*:*:*:*
    cpe:2.3:a:clever_copy:clever_copy:23.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-10-2018 - 16:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 17461
bugtraq 20060407 [ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure
misc http://advisories.echo.or.id/adv/adv28-K-159-2006.txt
secunia 19579
vupen ADV-2006-1316
xf clevercopy-connect-disclose-information(25720)
Last major update 18-10-2018 - 16:34
Published 11-04-2006 - 23:02
Last modified 18-10-2018 - 16:34
Back to Top