Vulnerabilities > CVE-2007-0690 - Unspecified vulnerability in Myevent 1.6

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

myevent

NVD

Published: 2007-05-30

Updated: 2024-11-21

Summary

myEvent 1.6 allows remote attackers to obtain sensitive information via (1) a Log In action without a password to login.php, or an invalid (2) view[] or (3) monthno[] parameter to myevent.php, which reveals the path in various error messages.

Vulnerable Configurations

Part	Description	Count
Application	Myevent Myevent Myevent 1.6	1

References

http://osvdb.org/38336
http://osvdb.org/38336
http://securityreason.com/securityalert/2744
http://securityreason.com/securityalert/2744
http://www.netvigilance.com/advisory0024
http://www.netvigilance.com/advisory0024
http://www.osvdb.org/34272
http://www.osvdb.org/34272
http://www.securityfocus.com/archive/1/469831/100/0/threaded
http://www.securityfocus.com/archive/1/469831/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/34542
https://exchange.xforce.ibmcloud.com/vulnerabilities/34542