Vulnerabilities > CVE-2006-1088 - Input Validation and Information Disclosure vulnerability in PHP-Stats

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
php-stats

Summary

PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potentially sensitive information via a direct request to checktables.php, which lists the database table_prefix.

Vulnerable Configurations

Part Description Count
Application
Php-Stats
1