CVE-2006-2617

Medium

5/10

Summary

(1) AlstraSoft Web Host Directory 1.2, aka (2) HyperStop WebHost Directory 1.2, allows remote attackers to obtain the installation path via an invalid entry in the Username field on the login page, which causes the path to be displayed in an SQL error. NOTE: this issue might be resultant from SQL injection.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published May 26, 2006

CVE-2006-2617

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS