ID CVE-2006-0590
Summary MyTopix 1.2.3 allows remote attackers to obtain the installation path via an invalid hl parameter to index.php, which leads to path disclosure, possibly related to invalid SQL syntax.
References
Vulnerable Configurations
  • cpe:2.3:a:jaia_interactive:mytopix:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:jaia_interactive:mytopix:1.2.3:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 19-10-2018 - 15:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bugtraq 20060204 [KAPDA::#26] - MyTopix Sql Injection & Path Disclosure
misc http://kapda.ir/advisory-249.html
sreason 413
Last major update 19-10-2018 - 15:45
Published 08-02-2006 - 01:02
Last modified 19-10-2018 - 15:45
Back to Top