1. Home
  2. CVE Database
  3. CVE-2006-1684
MEDIUM · 5.0

CVE-2006-1684

Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.

Vulnerability Description

Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
EcotwoShopsystem1.0_192

References

FAQ

What is CVE-2006-1684?

CVE-2006-1684 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.

How severe is CVE-2006-1684?

CVE-2006-1684 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-1684?

Check the references section above for vendor advisories and patch information. Affected products include: Ecotwo Shopsystem.