Vulnerabilities > CVE-2006-2946 - Remote Security vulnerability in Dmx Forum
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Dmx Forum <= 2.1a (edit.php) Remote Password Disclosure Exploit. CVE-2006-2946,CVE-2006-2947. Webapps exploit for php platform |
id | EDB-ID:1882 |
last seen | 2016-01-31 |
modified | 2006-06-05 |
published | 2006-06-05 |
reporter | DarkFig |
source | https://www.exploit-db.com/download/1882/ |
title | Dmx Forum <= 2.1a edit.php Remote Password Disclosure Exploit |