CVE-2006-6259

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1580%

EPSS Percentile2.76th

Published2006年12月4日

Last Modified2026年4月23日

Vulnerability Description

Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the "create name" field and (2) read arbitrary files via a .. (dot dot) in the "web root" field when configuring a subdomain.

Affected Platforms (CPE)

📦

Alternc

<= 0.9.5

References & Advisories

🔗 http://dev.alternc.org/trac/alternc/changeset/1737

🔗 http://dev.alternc.org/trac/alternc/changeset/1738

🔗 http://dev.alternc.org/trac/alternc/changeset/1742

🔗 http://secunia.com/advisories/23144

🔗 http://securityreason.com/securityalert/1965

🔗 http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt

🔗 http://www.securityfocus.com/archive/1/452988/100/0/threaded

🔗 http://www.securityfocus.com/bid/21355

Vulnerability Description

Affected Platforms (CPE)

Alternc

References & Advisories

関連する脆弱性情報