CyberSec.Space Logo
Back to CVE Browser

CVE-2006-6258

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1240%
EPSS Percentile37.71th
PublishedDec 4, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.

Affected Platforms (CPE)

πŸ“¦
Alternc

Alternc

<= 0.9.5

References & Advisories

πŸ”— http://secunia.com/advisories/23144
πŸ”— http://securityreason.com/securityalert/1965
πŸ”— http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt
πŸ”— http://www.securityfocus.com/archive/1/452988/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/21355
πŸ”— http://www.vupen.com/english/advisories/2006/4851
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30625
πŸ”— http://secunia.com/advisories/23144

Related Vulnerabilities

CVE-2006-625910.0

Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow...

CVE-2006-62566.8

Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote atta...

CVE-2006-62576.8

The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive infor...

CVE-2006-610210.0

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ser...