NVD

Id
59055  
Name
CVE-2006-0315  
Description
index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.  
Reject
 
CVSS Version
2  
CVSS Score
5.8  
Severity
Medium  
CVSS Base Score
5.8  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-01-18  
Modified Date
2008-09-05  
Seq
2006-0315  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
303514 59055 CVE-2006-0315 20060115 EZDatabase Directory Transversal, XSS and Path Disclosure Vulnerability  View
303515 59055 CVE-2006-0315 20060115 EZDatabase Directory Transversal, XSS and Path Disclosure Vulnerability  View
303516 59055 CVE-2006-0315 16257  View
303517 59055 CVE-2006-0315 ezdatabase-index-p-xss(24134)  View
303518 59055 CVE-2006-0315 ezdatabase-index-p-path-disclosure(24135)  View
303519 59055 CVE-2006-0315 http://zur.homelinux.com/Advisories/ezdatabase_dir_trans.txt  View

Related JVN