How severe is CVE-2006-5702?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2006-5702?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2006-5702

MEDIUM Year: 2006

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-200

View all →

Vulnerability Description

Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.

CVE-2024-32037

NONE

CVSS:0.0(None)

GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch softw...

CWE-2002024

CVE-2017-2320

CRITICAL

CVSS:10.0(Critical)

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials o...

CWE-2002017

CVE-2019-5016

CRITICAL

CVSS:10.0(Critical)

An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potenti...

CWE-2002019

CVE-2020-13702

CRITICAL

CVSS:10.0(Critical)

The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary tempora...

CWE-2002020

CVE-2022-29165

CRITICAL

CVSS:10.0(Critical)

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2...

CWE-2002022

CVE-2025-22612

CRITICAL

CVSS:10.0(Critical)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve ...

CWE-2002025

CVE-2006-5702

Vulnerability Description

Related Vulnerabilities

CVE-2024-32037

CVE-2017-2320

CVE-2019-5016

CVE-2020-13702

CVE-2022-29165

CVE-2025-22612