CVE-2006-2690

CVE-2006-2690 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to obtain the full path of the web server via invalid (1) perso or (2) aide parameters.

Learn more about our Web App Pen Testing.