|
|
CVE Reference: CVE-2006-0756 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0756 |
|
|
Description: ** DISPUTED ** dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration information. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignores the installation instructions as well as warnings generated by check.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/24745 SREASON http://securityreason.com/securityalert/434 SAID Secunia Advisory: SA18879 OSVDB 23207 23208 BUGTRAQ http://www.securityfocus.com/archive/1/425285/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/424957/100/0/threaded BID 16648 |
|
| Return to the previous page. |
