|
|
CVE Reference: CVE-2006-2552 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2552 |
|
|
Description: Jemscripts DownloadControl 1.0 allows remote attackers to obtain sensitive information via an invalid dcid parameter to dc.php, which leaks the pathname in an error message. NOTE: this was originally claimed to be SQL injection, but it is probably resultant from another issue in functions.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26576 SREASON http://securityreason.com/securityalert/943 OSVDB 25716 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/434533/100/0/threaded BID 18041 |
|
| Return to the previous page. |
