CVE-2006-5109
Last modified
CVE-2006-5109 is a vulnerability of currently unknown severity. Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive information via a direct request for (1) link_navi.php or (2) spotlight.php, which reveals the path in various error messages. NOTE: the information.php, language.php, list_docs.php, popular_prod.php, sale.php, check_sum.php, and cat_navi.php vectors are already covered by CVE-2005-0607.. EPSS estimates a 1.39% chance of exploitation in the next 30 days.
Description
Devellion CubeCart 2.0.x allows remote attackers to obtain sensitive information via a direct request for (1) link_navi.php or (2) spotlight.php, which reveals the path in various error messages. NOTE: the information.php, language.php, list_docs.php, popular_prod.php, sale.php, check_sum.php, and cat_navi.php vectors are already covered by CVE-2005-0607.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Devellion | Cubecart | 2.0.0 |
| Devellion | Cubecart | 2.0.1 |
| Devellion | Cubecart | 2.0.2 |
| Devellion | Cubecart | 2.0.3 |
| Devellion | Cubecart | 2.0.4 |
| Devellion | Cubecart | 2.0.5 |
| Devellion | Cubecart | 2.0.6 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-5109?
How severe is CVE-2006-5109?
How do I fix CVE-2006-5109?
Are you affected by CVE-2006-5109?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST