Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-2471

EPSS 0.39% · P60
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-2471

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in BEA WebLogic Server 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 leak sensitive information to remote attackers, including (1) DNS and IP addresses to address to T3 clients, (2) internal sensitive information using GetIORServlet, (3) certain "server details" in exceptions when invalid XML is provided, and (4) a stack trace in a SOAP fault.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
BEA WebLogic Server 多个信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
BEA WebLogic Server 8.1到SP4,7.0到SP6,以及6.1到SP7存在多个漏洞,会向远程攻击者泄露敏感信息,包括(1)DNS和IP地址到T3客户端地址, (2)使用GetIORServlet的内部敏感信息,(3)提供无效XML时的例外中的某些"服务器细节",以及(4)SOAP故障中的堆栈追踪。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-2471

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-2471

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-05-19 · 36 CVEs total

CVE-2006-2463SelectaPix view_album.php 信息泄露漏洞
CVE-2006-2476Bitrix Site Manager updater.log 信息泄露漏洞
CVE-2006-2477管理接口Bitrix Site Manager 未明跨站脚本攻击漏洞
CVE-2006-2478Bitrix Site Manager back_url URL重定向漏洞
CVE-2006-2479Bitrix Site Manager Update功能 信息泄露漏洞
CVE-2006-2459PHP-Fusion messages.php SQL注入漏洞
CVE-2006-2460SugarCRM GLOBALS[sugarEntry]参数 目录遍历或PHP远程文件包含漏洞
CVE-2006-2461BEA WebLogic Server 非SSL加密传输 信息泄露漏洞
CVE-2006-2462BEA WebLogic Server JTA事务 信息泄露漏洞
CVE-2006-2475Cosmoshop 多个目录遍历漏洞
CVE-2006-2464BEA WebLogic Server stopWebLogic.sh 信息泄露漏洞
CVE-2006-2465MP3Info 未明缓冲区溢出漏洞
CVE-2006-2466BEA WebLogic Server JSP showcode 漏洞
CVE-2006-2467BEA WebLogic Server 管理控制台 信息泄露漏洞
CVE-2006-2468BEA WebLogic Server 控制台登录表单 信息泄露漏洞
CVE-2006-2469BEA WebLogic Server HTTP handler 信息泄露漏洞
CVE-2006-2470BEA WebLogic Server 管理控制台 未明漏洞
CVE-2006-2472BEA WebLogic Server 未明漏洞
CVE-2006-2491BoastMachine Admin.PHP 跨站脚本攻击漏洞
CVE-2006-2483Squirrelcart cart_content.php 远程文件包含漏洞

Showing top 20 of 36 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-2471

No comments yet

Leave a comment