CVE-2005-3796
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2005-3796
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Direct static code injection vulnerability in admin_options_manage.php in AlstraSoft Affiliate Network Pro 7.2 allows attackers to execute arbitrary PHP code via the number parameter. NOTE: it is not clear from the original report whether administrator privileges are required. If not, then this does not cross privilege boundaries and is not a vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
AlstraSoft Affiliate Network Pro admin_options_manage.php直接静态代码注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AlstraSoft Affiliate Network Pro是一个分支网络程序管理的多合一系统。 AlstraSoft Affiliate Network Pro 7.2的admin_options_manage.php中的直接静态代码注入漏洞,可让攻击者通过number参数执行任意PHP代码。注意:无法从原始报告得知是否需要管理员特权。如果不是这样,则此问题不会跨越特权边界,也不是漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2005-3796
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2005-3796
请登录查看更多情报信息。
Vendor Advisories for CVE-2005-3796 (4)
Mailing List Discussions for CVE-2005-3796 (1)
Security Blog Posts for CVE-2005-3796 (1)
- http://myblog.it-security23.net/?postid=5x_refsource_MISC
Other References for CVE-2005-3796 (1)
Same Patch Batch · n/a · 2005-11-24 · 18 CVEs total
| CVE-2005-3797 | AlstraSoft Template Seller Pro payment_paypal.php PHP远程文件包含漏洞 | |
| CVE-2005-3787 | PHPMyAdmin多个跨站脚本漏洞 | |
| CVE-2005-3804 | Cisco 7920无线IP电话开放的UDP端口漏洞 | |
| CVE-2005-3803 | Cisco 7920无线IP电话固定SNMP共同体串漏洞 | |
| CVE-2005-3802 | Belkin无线路由器远程认证绕过漏洞 | |
| CVE-2005-3801 | Counterpane Password Safe不安全的加密漏洞 | |
| CVE-2005-3800 | Macromedia Contribute Publishing Server不安全共享连接密钥加密漏洞 | |
| CVE-2005-3799 | phpBB 大型SQL查询敏感信息泄露漏洞 | |
| CVE-2005-3798 | AlstraSoft Template Seller Pro index.php SQL注入漏洞 | |
| CVE-2005-3788 | Cisco Adaptive Security Applicance故障转移拒绝服务漏洞 | |
| CVE-2005-3795 | AlstraSoft Affiliate Network Pro 多个跨站脚本漏洞 | |
| CVE-2005-3794 | AlstraSoft Affiliate Network Pro敏感信息泄露漏洞 | |
| CVE-2005-3793 | AlstraSoft Affiliate Network Pro多个SQL注入漏洞 | |
| CVE-2005-3792 | PHPNuke Search模块SQL注入漏洞 | |
| CVE-2005-3791 | phpAdsNew和phpPgAds HTTP响应拆分漏洞 | |
| CVE-2005-3790 | PHPWCMS多个跨站脚本攻击漏洞 | |
| CVE-2005-3789 | phpwcms 多个目录遍历漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9422
KLiK SocialMediaWebsite HTTP POST Request Parameter injectio - CVE-2026-9421
KLiK SocialMediaWebsite File upload.inc.php uniqid unrestric - CVE-2026-9420
KLiK SocialMediaWebsite HTTP GET Request Parameter injection - CVE-2026-9376
JPress UCenter Article Submission Endpoint doWriteSave impro - CVE-2026-9373
JeecgBoot OpenAPI Endpoint call improper authentication
V. Comments for CVE-2005-3796
No comments yet