CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 1CVE-2006-6889 – FreeStyle Wiki 3.6.2 - 'user.dat' Password Disclosure
https://notcve.org/view.php?id=CVE-2006-6889
FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat. FreeStyle Wiki (fswiki) 3.6.2 y anteriores almacena información sensible bajo la raiz web con insuficientes controles de acceso, lo cual permite a atacantes remotos obtener contraseñas a través de una respuesta directa en config/user.dat. • https://www.exploit-db.com/exploits/3047 https://exchange.xforce.ibmcloud.com/vulnerabilities/31227 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2006-3380
https://notcve.org/view.php?id=CVE-2006-3380
Algorithmic complexity vulnerability in FreeStyle Wiki before 3.6.2 allows remote attackers to cause a denial of service (CPU consumption) by performing a diff between large, crafted pages that trigger the worst case. Vulnerabilidad de complejidad algorítmica en versiones anteriores a 3.6.2 en FreeStyle Wiki, que permite a los atacantes remotos causar una denegación de servicios (agotamiento de CPU) desarrollando una diferencia entre largo, páginas manipuladas que lanzan el peor caso. • http://fswiki.poi.jp/wiki.cgi?page=%CD%FA%CE%F2%2F2006-7-3 http://jvn.jp/jp/JVN%2398836916/index.html http://secunia.com/advisories/20875 http://www.osvdb.org/26975 http://www.vupen.com/english/advisories/2006/2644 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1799
https://notcve.org/view.php?id=CVE-2005-1799
Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://secunia.com/advisories/15538 http://www.securityfocus.com/bid/13824 •