VYPR
Unrated severityNVD Advisory· Published Feb 12, 2007· Updated Jun 16, 2026

CVE-2006-6999

CVE-2006-6999

Description

attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter.

Affected products

3
  • cpe:2.3:a:headstart_solutions:deskpro:2.0.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:headstart_solutions:deskpro:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:headstart_solutions:deskpro:2.0.1:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.