CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2006-6258

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1240%
EPSS Percentile37.71th
Published2006年12月4日
Last Modified2026年4月23日

Vulnerability Description

The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.

Affected Platforms (CPE)

📦
Alternc

Alternc

<= 0.9.5

References & Advisories

🔗 http://secunia.com/advisories/23144
🔗 http://securityreason.com/securityalert/1965
🔗 http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt
🔗 http://www.securityfocus.com/archive/1/452988/100/0/threaded
🔗 http://www.securityfocus.com/bid/21355
🔗 http://www.vupen.com/english/advisories/2006/4851
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30625
🔗 http://secunia.com/advisories/23144

相關漏洞威脅

CVE-2006-625910.0

Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow...

CVE-2006-62566.8

Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote atta...

CVE-2006-62576.8

The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive infor...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...