PT-2006-7345 · Unknown · Phpprofiles

Published

2006-12-26

Updated

2008-09-05

CVE-2006-6744

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: phpProfiles versions prior to 2.1.1

Description: The issue is related to the absence of an index file in certain directories, which could allow remote attackers to list directory contents or have other unknown impacts. The affected directories include image data, graphics/comm, and users read/write directories.

Recommendations: For versions prior to 2.1.1, consider adding an index file, such as index.php, to the image data, graphics/comm, and users read/write directories to prevent directory listing.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-6744

Affected Products

Phpprofiles

PT-2006-7345 · Unknown · Phpprofiles

CVE-2006-6744

Related Identifiers

Affected Products

References · 2