CVE-2007-6056

Aida-Web - Information Disclosure via Mehr and SUPER Parameter Manipulation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6056. PoCs published by MC Iglo.

AI-analyzed exploit summary The provided code is a writeup describing an unauthorized access vulnerability in AIDA Web. It includes example URLs demonstrating how an attacker could exploit the vulnerability to obtain sensitive information.

Description

frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.

Exploits (1)

exploitdb WRITEUP VERIFIED
by MC Iglo · textwebappscgi
https://www.exploit-db.com/exploits/30770

The provided code is a writeup describing an unauthorized access vulnerability in AIDA Web. It includes example URLs demonstrating how an attacker could exploit the vulnerability to obtain sensitive information.

Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: AIDA Web
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/45300
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483749/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38504
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3385
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26464

Scores

EPSS 0.0205
EPSS Percentile 84.1%

Details

CWE
CWE-264
Status published
Products (1)
aida-orga/aida-web
Published Nov 20, 2007
Tracked Since Feb 18, 2026