Skip to main content

CVE-2006-1851

Severity Medium
Score 5/10

Summary

xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the (1) action parameter to members_only/index.cgi and (2) page parameter customer_area/index.cgi, probably due to invalid values.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • PARTIAL
  • NONE

References

Advisory Timeline

  • Published