Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Jun 3, 2006· Updated Apr 16, 2026

CVE-2006-2794

CVE-2006-2794

Description

Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter.

Affected products

2

Aspsitem/Aspsitem2 versions
cpe:2.3:a:aspsitem:aspsitem:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:aspsitem:aspsitem:*:*:*:*:*:*:*:*range: <=2.0
- cpe:2.3:a:aspsitem:aspsitem:1.83:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

secunia.com/advisories/20355nvdExploitPatchVendor Advisory
www.nukedx.comnvdExploitVendor Advisory
securityreason.com/securityalert/1021nvd
www.securityfocus.com/archive/1/435287/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/26859nvd

News mentions

0

No linked articles in our index yet.