CVE-2006-1480

EPSS 7.41% · P92 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-1480

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (%00) byte in the skin2 COOKIE parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

WEBalbum远程命令执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

在WebAlbum 2.02的start.php中存在目录遍访漏洞，远程攻击者可通过以下途径包含任意文件和执行命令：(1) 通过GET命令将代码注入到本地记录文件中，然后(2)通过位于skin2 COOKIE参数（该参数中包含..）序列和后缀"空"(%00)字节访问该记录文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-1480

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-1480

请登录查看更多情报信息。

https://www.exploit-db.com/exploits/1608exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/19400third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/24160vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/17228vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2006/1108vdb-entryx_refsource_VUPEN
https://nvd.nist.gov/vuln/detail/CVE-2006-1480

Same Patch Batch · n/a · 2006-03-29 · 22 CVEs total

CVE-2006-1474		Raindance Web Conferencing Pro "failed"函数跨站脚本攻击(XSS)漏洞
CVE-2006-1485		Noah Grey Greymatter 'gm-upload.cgi'任意文件上载漏洞
CVE-2006-1484		Genius VideoCAM NB本地特权升级漏洞
CVE-2006-1483		Blazix Java Application/Web Server JSP源码泄露漏洞
CVE-2006-1482		ConfTool 'Index.PHP'跨站脚本攻击漏洞
CVE-2006-1481		PHP Ticket 'Search.PHP' SQL注入漏洞
CVE-2006-1479		GTD-PHP多个输入验证漏洞
CVE-2006-1478		Turnkey Web Tools PHP Live Helper 'initiate.php'目录遍历漏洞
CVE-2006-1477		PHP Live Helper 'Initiate.PHP'远程文件包含漏洞
CVE-2006-1476		Microsoft Windows XP 防火墙".exe"文件诱导恶意文件漏洞
CVE-2006-1475		Microsoft Windows XP Windows防火墙NTFS Alternate Data Streams木马攻击漏洞
CVE-2006-0459		Flex 缓冲区错误漏洞
CVE-1999-1587		Sun Microsystems Solaris /usr/ucb/ps变量值任意查看漏洞
CVE-2006-1488		ActiveCampaign SupportTrio 多个敏感信息泄露漏洞
CVE-2006-1487		ActiveCampaign KnowledgeBase搜索模块不明参数跨站脚本攻击漏洞
CVE-2006-1486		RealestateZONE ‘index.cfm’跨站脚本攻击漏洞
CVE-2006-1489		FusionZONE CouponZONE多个SQL注入漏洞
CVE-2006-1490		PHP 安全漏洞
CVE-2006-1493		Explorer 'dir.php'跨站脚本攻击(XSS)漏洞
CVE-2006-1492		Explorer XP ‘dir.php’目录遍历漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-1480

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-1480

I. Basic Information for CVE-2006-1480

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-1480

III. Intelligence Information for CVE-2006-1480

Same Patch Batch · n/a · 2006-03-29 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-1480

Leave a comment