CVE-2006-3836

high

Description

Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO, allows remote attackers to read arbitrary files via the rmid parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/27898

http://www.vupen.com/english/advisories/2006/2948

http://www.securityfocus.com/archive/1/440765/100/0/threaded

http://securityreason.com/securityalert/1280

http://secunia.com/advisories/21156

Details

Source: Mitre, NVD

Published: 2006-07-25

Updated: 2026-04-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.07279

Detections

Analytics