Vulnerability Description
MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessing files via a URL.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Punctweb | Myco Guestbook | 1.0 |
References
- http://www.securityfocus.com/archive/1/423565/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24438
- http://www.securityfocus.com/archive/1/423565/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24438
FAQ
What is CVE-2006-0500?
CVE-2006-0500 is a vulnerability with a CVSS score of 7.5 (HIGH). MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessin...
How severe is CVE-2006-0500?
CVE-2006-0500 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0500?
Check the references section above for vendor advisories and patch information. Affected products include: Punctweb Myco Guestbook.