imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions.
References
Link | Resource |
---|---|
http://secunia.com/advisories/18802 | Exploit Vendor Advisory |
http://www.securityfocus.com/archive/1/424745/30/0/threaded | Exploit Vendor Advisory |
http://www.securityfocus.com/bid/16594 | Exploit |
http://www.vupen.com/english/advisories/2006/0570 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/24641 |
Configurations
History
No history.
Information
Published : 2006-02-15 11:06
Updated : 2024-02-04 16:52
NVD link : CVE-2006-0700
Mitre link : CVE-2006-0700
CVE.ORG link : CVE-2006-0700
JSON object : View
Products Affected
imagevue
- imagevue
CWE
CWE-264
Permissions, Privileges, and Access Controls