1. Home
  2. Vulnerabilities
  3. CVE-2006-3936

CVE-2006-3936

CVSS v2.0 4 (Medium)
40% Progress
EPSS 0.27 % (68th)
0.27% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to read the source code of arbitrary JSP files by specifying the file in the resource parameter, as demonstrated using index.jsp.

Weaknesses
CWE-NVD-Other
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2006-07-31 22:04:00
(18 years ago)
Updated Date
2018-10-17 21:32:25
(6 years ago)

Affected Products

Alkacon

Configuration #1

    CPE23 From Up To
  Alkacon Opencms 6.0.0 cpe:2.3:a:alkacon:opencms:6.0.0
  Alkacon Opencms 6.0.2 cpe:2.3:a:alkacon:opencms:6.0.2
  Alkacon Opencms 6.0.3 cpe:2.3:a:alkacon:opencms:6.0.3
  Alkacon Opencms 6.0.4 cpe:2.3:a:alkacon:opencms:6.0.4
  Alkacon Opencms 6.2 cpe:2.3:a:alkacon:opencms:6.2
  Alkacon Opencms 6.2.1 cpe:2.3:a:alkacon:opencms:6.2.1