CVE-2006-0636

EPSS 1.27% · P80 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-0636

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the _SESSION variable before calling the session_start function, which allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed-immutable variables, as demonstrated using PHP code in the _SESSION[apps][eyeOptions.eyeapp][wrapup] variable.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

EyeOS会话远程命令执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

eyeOS 0.8.9及之前版本中的desktop.php在调用session_start功能之前会测试_SESSION变量是否存在，从而使得远程攻击者可以通过修改关键的假定不变变量来执行任意PHP代码，并可能执行其他攻击(如演示中使用_SESSION[apps][eyeOptions.eyeapp][wrapup]变量中的PHP代码) 。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-0636

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-0636

请登录查看更多情报信息。

http://www.gulftech.org/?node=research&article_id=00096-02072006x_refsource_MISC
http://secunia.com/advisories/18757third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/16537vdb-entryx_refsource_BID
http://securitytracker.com/id?1015609vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2006/0466vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/24569vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/424329/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-0636

Same Patch Batch · n/a · 2006-02-10 · 20 CVEs total

CVE-2006-0634		Borland C++Builder "i>sizeof(int)" 整数溢出漏洞
CVE-2006-0644		CPG Dragonfly CMS多个目录遍历漏洞
CVE-2006-0643		WiredRed E/POP Web Conferencing 跨站脚本攻击漏洞
CVE-2006-0642		Trend Micro ServerProtect已提取文件数超出扫描绕过漏洞
CVE-2006-0641		Orbicule Undercover 信息泄露漏洞
CVE-2006-0640		Orbicule Undercover '/private/etc/uc.app/Contents/MacOS/uc' 安全权限漏洞
CVE-2006-0639		MyBB 'search.php' 跨站脚本攻击漏洞
CVE-2006-0638		MyBB Moderation.PHP SQL注入漏洞
CVE-2006-0637		QUALCOMM Eudora WorldMai 'cram.dll' 缓冲区溢出漏洞
CVE-2006-0635		Tiny C Compiler "i>sizeof(int)" 整数溢出漏洞
CVE-2006-0645		GNUTLS LibTASN1 DER 拒绝服务漏洞
CVE-2006-0633		Invision Power Board 'ipsclass.php' make_password 功能认证代码创建漏洞
CVE-2006-0632		phpBB gen_rand_string功能电子邮件激活密钥安全信息泄露漏洞
CVE-2006-0631		Erik C mailback.pl CRLF注入漏洞
CVE-2006-0630		Ritlabs The Bat! 报头欺骗漏洞
CVE-2006-0629		AOL Instant Messenger 未明漏洞
CVE-2006-0628		Dale Ray MyQuiz myquiz.pl 任意代码执行漏洞
CVE-2005-4711		Neocrome Land Down Under SQL注入漏洞
CVE-2005-4710		Autodesk多个产品远程未授权访问漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-0636

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-0636

I. Basic Information for CVE-2006-0636

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-0636

III. Intelligence Information for CVE-2006-0636

Same Patch Batch · n/a · 2006-02-10 · 20 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-0636

Leave a comment