CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-6257

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile3.79th
Published2006年12月4日
Last Modified2026年4月23日

Vulnerability Description

The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.

Affected Platforms (CPE)

📦
Alternc

Alternc

<= 0.9.5

References & Advisories

🔗 http://secunia.com/advisories/23144
🔗 http://securityreason.com/securityalert/1965
🔗 http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt
🔗 http://www.securityfocus.com/archive/1/452988/100/0/threaded
🔗 http://www.securityfocus.com/bid/21355
🔗 http://www.vupen.com/english/advisories/2006/4851
🔗 http://secunia.com/advisories/23144
🔗 http://securityreason.com/securityalert/1965

関連する脆弱性情報

CVE-2006-625910.0

Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow...

CVE-2006-62589.3

The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remot...

CVE-2006-62566.8

Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote atta...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...