Vulnerabilities > CVE-2006-6819 - Information Disclosure vulnerability in Webhost Directory

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

alstrasoft

exploit available

NVD

Published: 2006-12-29

Updated: 2018-10-17

Summary

AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db.

Vulnerable Configurations

Part	Description	Count
Application	Alstrasoft Alstrasoft Webhost Directory *	1

Exploit-Db

description	AlstraSoft Web Host Directory 1.2 Multiple Vulnerabilities. CVE-2006-6819,CVE-2008-5650. Webapps exploit for php platform
id	EDB-ID:7116
last seen	2016-02-01
modified	2008-11-14
published	2008-11-14
reporter	G4N0K
source	https://www.exploit-db.com/download/7116/
title	AlstraSoft Web Host Directory 1.2 - Multiple Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References