Vulnerabilities > CVE-2006-0843 - Information Disclosure vulnerability in Leif M. Wright web Blog 3.5

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

leif-m-wright

NVD

Published: 2006-02-22

Updated: 2017-07-20

Summary

Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password.

Vulnerable Configurations

Part	Description	Count
Application	Leif_M._Wright Leif M. Wright WEB Blog 3.5	1

Packetstorm

data source	https://packetstormsecurity.com/files/download/44315/EV0082.txt
id	PACKETSTORM:44315
last seen	2016-12-05
published	2006-03-03
reporter	Aliaksandr Hartsuyeu
source	https://packetstormsecurity.com/files/44315/EV0082.txt.html
title	EV0082.txt

References

http://secunia.com/advisories/18923
http://securityreason.com/securityalert/522
http://www.evuln.com/vulns/82/summary.html
http://www.securityfocus.com/bid/16712
https://exchange.xforce.ibmcloud.com/vulnerabilities/24752