Search

Find a vulnerability

Search criteria

    8 vulnerabilities by alternc

    CVE-2006-6257 (GCVE-0-2006-6257)

    Vulnerability from nvd – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/452988/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/21355 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1965 third-party-advisoryx_refsource_SREASON
    http://www.ground418.org/exploits/read.php?file=0… x_refsource_MISC
    http://secunia.com/advisories/23144 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/4851 vdb-entryx_refsource_VUPEN
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6257",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6259 (GCVE-0-2006-6259)

    Vulnerability from nvd – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the "create name" field and (2) read arbitrary files via a .. (dot dot) in the "web root" field when configuring a subdomain.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1742"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "alternc-multiple-directory-traversal(30626)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1737"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1738"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the \"create name\" field and (2) read arbitrary files via a .. (dot dot) in the \"web root\" field when configuring a subdomain."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1742"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "alternc-multiple-directory-traversal(30626)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1737"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1738"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6259",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the \"create name\" field and (2) read arbitrary files via a .. (dot dot) in the \"web root\" field when configuring a subdomain."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1742",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1742"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "alternc-multiple-directory-traversal(30626)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1737",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1737"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1738",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1738"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                },
                {
                  "name": "https://dev.alternc.org/trac/alternc/milestone/0.9.6",
                  "refsource": "CONFIRM",
                  "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6259",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6256 (GCVE-0-2006-6256)

    Vulnerability from nvd – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.093Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "name": "alternc-multiple-xss(30625)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1739"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "name": "alternc-multiple-xss(30625)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1739"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6256",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "alternc-multiple-xss(30625)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1739",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1739"
                },
                {
                  "name": "https://dev.alternc.org/trac/alternc/milestone/0.9.6",
                  "refsource": "CONFIRM",
                  "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6256",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.093Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6258 (GCVE-0-2006-6258)

    Vulnerability from nvd – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/452988/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/21355 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1965 third-party-advisoryx_refsource_SREASON
    http://www.ground418.org/exploits/read.php?file=0… x_refsource_MISC
    http://secunia.com/advisories/23144 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/4851 vdb-entryx_refsource_VUPEN
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.079Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "name": "alternc-multiple-xss(30625)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "name": "alternc-multiple-xss(30625)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6258",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "alternc-multiple-xss(30625)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6258",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6257 (GCVE-0-2006-6257)

    Vulnerability from cvelistv5 – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/452988/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/21355 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1965 third-party-advisoryx_refsource_SREASON
    http://www.ground418.org/exploits/read.php?file=0… x_refsource_MISC
    http://secunia.com/advisories/23144 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/4851 vdb-entryx_refsource_VUPEN
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6257",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6259 (GCVE-0-2006-6259)

    Vulnerability from cvelistv5 – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the "create name" field and (2) read arbitrary files via a .. (dot dot) in the "web root" field when configuring a subdomain.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1742"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "alternc-multiple-directory-traversal(30626)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1737"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1738"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the \"create name\" field and (2) read arbitrary files via a .. (dot dot) in the \"web root\" field when configuring a subdomain."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1742"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "alternc-multiple-directory-traversal(30626)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1737"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1738"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6259",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the \"create name\" field and (2) read arbitrary files via a .. (dot dot) in the \"web root\" field when configuring a subdomain."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1742",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1742"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "alternc-multiple-directory-traversal(30626)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30626"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1737",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1737"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1738",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1738"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                },
                {
                  "name": "https://dev.alternc.org/trac/alternc/milestone/0.9.6",
                  "refsource": "CONFIRM",
                  "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6259",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6256 (GCVE-0-2006-6256)

    Vulnerability from cvelistv5 – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.093Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "name": "alternc-multiple-xss(30625)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://dev.alternc.org/trac/alternc/changeset/1739"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "name": "alternc-multiple-xss(30625)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://dev.alternc.org/trac/alternc/changeset/1739"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6256",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "alternc-multiple-xss(30625)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                },
                {
                  "name": "http://dev.alternc.org/trac/alternc/changeset/1739",
                  "refsource": "CONFIRM",
                  "url": "http://dev.alternc.org/trac/alternc/changeset/1739"
                },
                {
                  "name": "https://dev.alternc.org/trac/alternc/milestone/0.9.6",
                  "refsource": "CONFIRM",
                  "url": "https://dev.alternc.org/trac/alternc/milestone/0.9.6"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6256",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.093Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6258 (GCVE-0-2006-6258)

    Vulnerability from cvelistv5 – Published: 2006-12-04 11:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/452988/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/21355 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1965 third-party-advisoryx_refsource_SREASON
    http://www.ground418.org/exploits/read.php?file=0… x_refsource_MISC
    http://secunia.com/advisories/23144 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/4851 vdb-entryx_refsource_VUPEN
    Date Public
    2006-11-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:35.079Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
              },
              {
                "name": "21355",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21355"
              },
              {
                "name": "1965",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1965"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
              },
              {
                "name": "23144",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23144"
              },
              {
                "name": "alternc-multiple-xss(30625)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
              },
              {
                "name": "ADV-2006-4851",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4851"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
            },
            {
              "name": "21355",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21355"
            },
            {
              "name": "1965",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1965"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
            },
            {
              "name": "23144",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23144"
            },
            {
              "name": "alternc-multiple-xss(30625)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
            },
            {
              "name": "ADV-2006-4851",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4851"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6258",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061128 Multiple Vulnerabilities in AlternC version 0.9.5",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452988/100/0/threaded"
                },
                {
                  "name": "21355",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21355"
                },
                {
                  "name": "1965",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1965"
                },
                {
                  "name": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt",
                  "refsource": "MISC",
                  "url": "http://www.ground418.org/exploits/read.php?file=06-alternC-095.txt"
                },
                {
                  "name": "23144",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23144"
                },
                {
                  "name": "alternc-multiple-xss(30625)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30625"
                },
                {
                  "name": "ADV-2006-4851",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4851"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6258",
        "datePublished": "2006-12-04T11:00:00.000Z",
        "dateReserved": "2006-12-03T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:35.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }