Vulnerabilities > CVE-2006-4499 - Unspecified vulnerability in Moderngigabyte Modernbill
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |