Vulnerabilities > CVE-2006-6744 - Local Security vulnerability in PHPprofiles 2.1.0

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

phpprofiles

NVD

Published: 2006-12-26

Updated: 2008-09-05

Summary

phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts.

Vulnerable Configurations

Part	Description	Count
Application	Phpprofiles Phpprofiles Phpprofiles 2.1.0	1

References

http://sourceforge.net/project/shownotes.php?release_id=460858&group_id=176310