ID CVE-2006-0843
Summary Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password.
References
Vulnerable Configurations
  • cpe:2.3:a:leif_m._wright:web_blog:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:leif_m._wright:web_blog:3.5:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 20-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 16712
misc http://www.evuln.com/vulns/82/summary.html
secunia 18923
sreason 522
xf webblog-txt-obtain-information(24752)
Last major update 20-07-2017 - 01:30
Published 22-02-2006 - 02:02
Last modified 20-07-2017 - 01:30
Back to Top