CVE-2006-2676 : Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier genera

Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames.

Published 2006-05-31 10:06:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-2676

Sitescape » Sitescape Forum » Version: 7.2
cpe:2.3:a:sitescape:sitescape_forum:7.2:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-2676

EPSS FAQ

0.38%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 56 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-2676

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2006-2676

http://secunia.com/advisories/20266

Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/26672
http://www.uniras.gov.uk/niscc/docs/br-20060525-00374.html?lang=en

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2006-2676

Products affected by CVE-2006-2676

Exploit prediction scoring system (EPSS) score for CVE-2006-2676

CVSS scores for CVE-2006-2676

References for CVE-2006-2676