CVE-2006-5759 : index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to

index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path of the web server via empty (1) rns[] or (2) pag[] arguments, which reveals the path in an error message.

Published 2006-11-06 22:07:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2006-5759

Rhadrix » If-cms » Version: 1.01
cpe:2.3:a:rhadrix:if-cms:1.01:*:*:*:*:*:*:*
Matching versions
Rhadrix » If-cms » Version: 2.07
cpe:2.3:a:rhadrix:if-cms:2.07:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-5759

EPSS FAQ

0.29%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 50 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-5759

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2006-5759

Jump to

Vulnerability Details : CVE-2006-5759

Products affected by CVE-2006-5759

Exploit prediction scoring system (EPSS) score for CVE-2006-5759

CVSS scores for CVE-2006-5759

References for CVE-2006-5759