Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2006-6756

Published: 27/12/2006 Updated: 17/10/2018
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 515
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IXP_CODE in mainfile.php, which might allow remote malicious users to gain access to the administration panel via a brute force attack.

Vulnerable Product Search on Vulmon Subscribe to Product

ixprim ixprim cms 1.2

Exploits

Exploit DB: Ixprim CMS 1.2 - Blind SQL Injection
#!/usr/bin/perl # # INFORMATIONS # ============ # Affectedscr: Ixprim 12 # PocID: 16061221 # Type: Blind SQL Injection # Risklevel: Medium # Conditions: load_file privilege (ixp code only) # Srcdownload: wwwixprim-cmsorg # Poclink: acid-rootnewfr/poc/16061221txt # Credits: DarkFig # # # SCREENSH ...

References

NVD-CWE-Otherhttp://acid-root.new.fr/poc/16061221.txthttp://securityreason.com/securityalert/2073https://exchange.xforce.ibmcloud.com/vulnerabilities/31142https://www.exploit-db.com/exploits/2975http://www.securityfocus.com/archive/1/455084/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/2975/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223CVE-2024-0044information disclosureCVE-2024-35753HTML injectionCVE-2024-21306CVE-2024-35733SQL injectionCVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook