CVE-2006-6735
Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c - Info Disclosure
Title source: llmDescription
modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this error might be resultant from a more serious issue such as directory traversal.
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/2072
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21677
Exploit mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2006-December/001197.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/454864/100/0/threaded
Scores
EPSS
0.0151
EPSS Percentile
71.5%
Details
CWE
CWE-200
Status
published
Products (1)
obie_website/mini_web_shop
2.1.c
Published
Dec 26, 2006
Tracked Since
Feb 18, 2026