Vulnerabilities > CVE-2006-3369 - Information Disclosure vulnerability in Iduprey Kamikaze-Qscm 0.1/0.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Kamikaze-QSCM 0.1 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |