Vulnerabilities > CVE-2006-1005 - Information Disclosure vulnerability in Cactusoft Parodia 6.2

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
cactusoft

Summary

agencyprofile.asp in Parodia 6.2 and earlier might allow remote attackers to obtain sensitive information by triggering an SQL error via an invalid AG_ID parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. This vulnerability affects CactuSoft, Parodia version 6.2, and may affect all previous versions as well.

Vulnerable Configurations

Part Description Count
Application
Cactusoft
1