CVE-2006-6378

high

Description

BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30760

http://www.securityfocus.com/archive/1/453652/100/0/threaded

http://securityreason.com/securityalert/2002

Details

Source: Mitre, NVD

Published: 2006-12-07

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00522