Vulnerabilities > CVE-2006-6755 - Information Disclosure vulnerability in Ixprim CMS 1.2

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ixprim
exploit available
NVD
Published: 2006-12-27
Updated: 2018-10-17

Summary

Ixprim 1.2 allows remote attackers to obtain sensitive information via a direct request for kernel/plugins/fckeditor2/ixprim_api.php, which reveals the path in an error message.

Vulnerable Configurations

Part Description Count
Application
Ixprim
1

Exploit-Db

descriptionIxprim CMS 1.2 Remote Blind SQL Injection Exploit. CVE-2006-6755,CVE-2006-6756. Webapps exploit for php platform
fileexploits/php/webapps/2975.pl
idEDB-ID:2975
last seen2016-01-31
modified2006-12-21
platformphp
port
published2006-12-21
reporterDarkFig
sourcehttps://www.exploit-db.com/download/2975/
titleIxprim CMS 1.2 - Remote Blind SQL Injection Exploit
typewebapps

References