CVE-2006-1718

Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc.

Published: Apr 12, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-1718
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
clever_copy / clever_copy	23.0	23.0.x
clever_copy / clever_copy	-	3.0.x
clever_copy / clever_copy	1.0.3	1.0.3.x
clever_copy / clever_copy	2.0a	2.0a.x
clever_copy / clever_copy	1.0.0	1.0.0.x
clever_copy / clever_copy	2.0	2.0.x
clever_copy / clever_copy	1.0.1	1.0.1.x
clever_copy / clever_copy	1.0.2	1.0.2.x

http://advisories.echo.or.id/adv/adv28-K-159-2006.txt
http://secunia.com/advisories/19579
http://www.securityfocus.com/archive/1/430369/100/0/threaded
http://www.securityfocus.com/bid/17461
http://www.vupen.com/english/advisories/2006/1316
https://exchange.xforce.ibmcloud.com/vulnerabilities/25720

Vulnerability Database

290,273

CVE-2006-1718