CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-6257

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile3.79th
Published2006年12月4日
Last Modified2026年4月23日

Vulnerability Description

The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.

Affected Platforms (CPE)

📦
Alternc

Alternc

<= 0.9.5

References & Advisories

🔗 http://secunia.com/advisories/23144
🔗 http://securityreason.com/securityalert/1965
🔗 http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt
🔗 http://www.securityfocus.com/archive/1/452988/100/0/threaded
🔗 http://www.securityfocus.com/bid/21355
🔗 http://www.vupen.com/english/advisories/2006/4851
🔗 http://secunia.com/advisories/23144
🔗 http://securityreason.com/securityalert/1965

相关漏洞威胁

CVE-2006-625910.0

Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow...

CVE-2006-62589.3

The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remot...

CVE-2006-62566.8

Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote atta...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...