CVE-2006-3104
published 2006-06-21CVE-2006-3104: users/index.php in Bitweaver 1.3 allows remote attackers to obtain sensitive information via an invalid sort_mode parameter, which reveals the installation…
PriorityP415medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
8.71%
94.5th percentile
users/index.php in Bitweaver 1.3 allows remote attackers to obtain sensitive information via an invalid sort_mode parameter, which reveals the installation path and database information in the resultant error message.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bitweaver | bitweaver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://retrogod.altervista.org/bitweaver_13_xpl.htmlhttp://secunia.com/advisories/20695http://securityreason.com/securityalert/1115http://sourceforge.net/project/shownotes.php?release_id=336854&group_id=141358http://www.bitweaver.org/articles/45http://www.osvdb.org/26589http://www.securityfocus.com/archive/1/437491/100/0/threadedhttp://www.vupen.com/english/advisories/2006/2405https://exchange.xforce.ibmcloud.com/vulnerabilities/27214http://retrogod.altervista.org/bitweaver_13_xpl.htmlhttp://secunia.com/advisories/20695http://securityreason.com/securityalert/1115http://sourceforge.net/project/shownotes.php?release_id=336854&group_id=141358http://www.bitweaver.org/articles/45http://www.osvdb.org/26589http://www.securityfocus.com/archive/1/437491/100/0/threadedhttp://www.vupen.com/english/advisories/2006/2405https://exchange.xforce.ibmcloud.com/vulnerabilities/27214
2006-06-21
Published