Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-2361

EPSS 16.41% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-2361

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
paFileDB pafiledb_constants.php 远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
paFileDB是一款文件管理脚本,允许版主管理站点下载文件数据库,还可以编辑和删除文件。 paFileDB在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 paFileDB的pafiledb_constants.php脚本没有正确验证 module_root_path=http:// 参数的输入,允许攻击者通过包含本地或外部资源的任意文件导致执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-2361

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-2361

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-05-15 · 22 CVEs total

CVE-2005-4801Yet Another PHP Image Gallery (YaPIG) 多个跨站请求伪造漏洞
CVE-2006-2369RealVNC VNC Server 授权问题漏洞
CVE-2006-2368Clansys index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-2367Clansys index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-2366Ircp libopenobex ircp_io.c 输入验证漏洞
CVE-2006-2365Vizra A_Login.PHP 跨站脚本攻击漏洞
CVE-2006-2364Adobe ColdFusion 验证功能 跨站脚本攻击漏洞
CVE-2006-2363Limbo CMS weblinks选项 SQL注入漏洞
CVE-2006-2362GNU Free Software Foundation GNU Binutils libbfd tekhex.c 缓冲区溢出漏洞
CVE-2006-2360phpBB Chart模块 SQL注入漏洞
CVE-2006-2359phpBB Chart模块 多个跨站脚本攻击漏洞
CVE-2006-2351Ipswitch WhatsUp Professional 多个跨站脚本攻击(XSS) 漏洞
CVE-2005-4800Yet Another PHP Image Gallery直接静态代码注入漏洞
CVE-2005-4799Yapig View.PHP跨站脚本攻击漏洞
CVE-2006-2358Web-Labs CMS 多个跨站脚本攻击漏洞
CVE-2006-2357Ipswitch WhatsUp Professional Login.asp 信息泄露漏洞
CVE-2006-2356Ipswitch WhatsUp Professional RenderMap.asp 信息泄露漏洞
CVE-2006-2355Ipswitch WhatsUp Professional 404错误信息 信息泄露漏洞
CVE-2006-2354Ipswitch WhatsUp ProfessionalLogin.asp 信息泄露漏洞
CVE-2006-2353Ipswitch WhatsUp Professional DeviceSelection.asp URL重定向漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-2361

No comments yet

Leave a comment