CyberSec.Space Logo
Back to CVE Browser

CVE-2006-6257

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile3.79th
PublishedDec 4, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.

Affected Platforms (CPE)

πŸ“¦
Alternc

Alternc

<= 0.9.5

References & Advisories

πŸ”— http://secunia.com/advisories/23144
πŸ”— http://securityreason.com/securityalert/1965
πŸ”— http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt
πŸ”— http://www.securityfocus.com/archive/1/452988/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/21355
πŸ”— http://www.vupen.com/english/advisories/2006/4851
πŸ”— http://secunia.com/advisories/23144
πŸ”— http://securityreason.com/securityalert/1965

Related Vulnerabilities

CVE-2006-625910.0

Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow...

CVE-2006-62589.3

The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remot...

CVE-2006-62566.8

Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote atta...

CVE-2006-610210.0

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ser...