Information Disclosure in phpwcms by phpwcms
CVE-2006-6886

Currently unrated

Key Information:

Vendor

PHPwcms

Status
PHPwcms
Vendor
CVE Published:
31 December 2006

What is CVE-2006-6886?

The phpwcms version 1.2.5-DEV is susceptible to an information disclosure vulnerability that allows remote attackers to retrieve sensitive files through direct URL requests. Specifically, attackers can access 'files.public-userroot.inc.php' and 'files.private.additions.inc.php' which potentially exposes critical server path information via error messages. This unauthorized access could lead to broader implications regarding the security of the affected web application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.osvdb.org/25753
vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/26637
vdb-entryx_refsource_XF
http://www.vupen.com/english/advisories/2006/1934
vdb-entryx_refsource_VUPEN

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.