ID CVE-2006-3196
Summary index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path via an invalid template parameter, which reveals the path in an error message.
References
Vulnerable Configurations
  • cpe:2.3:a:singapore:singapore:0.9.1_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.1_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.2_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.2_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.3_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.3_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.4_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.4_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.5_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.5_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.6_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.6_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.7_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.7_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.8_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.8_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.9a_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.9a_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.9b_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.9b_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.10:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.10_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.10_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9.11_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9.11_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.9a_beta:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.9a_beta:*:*:*:*:*:*:*
  • cpe:2.3:a:singapore:singapore:0.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:singapore:singapore:0.10.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 18-10-2018 - 16:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bugtraq 20060618 singapore gallery <= 0.10.0 Multiple Vulnerabilities
sreason 1135
xf singapore-index-path-disclosure(27323)
Last major update 18-10-2018 - 16:46
Published 23-06-2006 - 00:02
Last modified 18-10-2018 - 16:46
Back to Top