Vulnerability Description
tr1.php in Yourfreeworld Stylish Text Ads Script allows remote attackers to obtain the installation path via an invalid id parameter, which leaks the path in an error message. NOTE: this issue might be resultant from CVE-2006-2508.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yourfreeworld | Stylish Text Ads Script | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0381.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26571
- http://archives.neohapsis.com/archives/bugtraq/2006-05/0381.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26571
FAQ
What is CVE-2006-6461?
CVE-2006-6461 is a vulnerability with a CVSS score of 7.8 (HIGH). tr1.php in Yourfreeworld Stylish Text Ads Script allows remote attackers to obtain the installation path via an invalid id parameter, which leaks the path in an error message. NOTE: this issue might ...
How severe is CVE-2006-6461?
CVE-2006-6461 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6461?
Check the references section above for vendor advisories and patch information. Affected products include: Yourfreeworld Stylish Text Ads Script.