CVE-2006-7061

Loading...

General

Score:9.3/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 24/02/07 - Updated on 05/09/08

Description

Scriptsez.net E-Dating System stores data files with predictable names under the web document root with insufficient access control, which allows remote attackers to read private messages and leverage them for cross-site scripting (XSS) attacks.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2006-7061

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
scriptsez.nete-dating_system

Share this vulnerability with:

Twitter Facebook LinkedIn Mail