Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-3069

EPSS 7.38% · P92
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3069

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP remote file inclusion vulnerability in DoubleSpeak 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the config[private] parameter in multiple files, as demonstrated by (1) index.php, (2) faq.php, and (3) hardware.php. NOTE: this issue has been disputed by multiple third-party researchers, who state that config[private] is initialized in an include file before being used
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
RETIRED: DoubleSpeak 多个远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
** 有争议 ** DoubleSpeak 0.1存在PHP远程文件包含漏洞。register_globals启用时,远程攻击者可以借助多个文件中的config[private]参数,执行任意PHP代码,比如(1) index.php, (2) faq.php和(3) hardware.php。注: 多位第三方研究者对此提出反驳,声称config[private]在被使用前已在include文件中初始化。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-3069

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-3069

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-06-19 · 36 CVEs total

CVE-2006-3072Symantec Security Information Manager M4 Mac 认证绕过漏洞
CVE-2006-3063myPHP Guestbook 多个跨站脚本攻击(XSS)漏洞
CVE-2006-3064CPG include/function.inc.php SQL注入漏洞
CVE-2006-3065blur6ex blog.php SQL注入漏洞
CVE-2006-3066IBM DB2 Universal Database TCP/IP监听 缓冲区溢出
CVE-2006-3067IBM DB2 (UDB) 多个未明漏洞
CVE-2006-3068IBM DB2 UDB 特定信息 拒绝服务漏洞
CVE-2006-3070Zeroboard write_ok.php 任意文件上载漏洞
CVE-2006-3071MP3 Search/Archive index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-3062myPHP Guestbook index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-3073Cisco VPN3K/ASA WebVPN无客户端模式 多个跨站脚本攻击漏洞
CVE-2006-3074Kaspersky Anti-Virus klif.sys 拒绝服务漏洞
CVE-2006-3075PictureDis Professional/PictureDis Photoalbum 多个PHP远程文件包含漏洞
CVE-2006-3076PhpBlueDragon CMS Template.PHP 远程文件包含漏洞
CVE-2006-3077aXentGuestbook guestbook.cfm 跨站脚本攻击(XSS)漏洞
CVE-2006-3078APBoard 多个SQL注入漏洞
CVE-2006-3079SSPwiz Plus index.cfm 跨站脚本攻击(XSS)漏洞
CVE-2006-3080AxentForum viewposts.cfm 跨站脚本攻击漏洞
CVE-2006-3096iPostMX 多个SQL注入漏洞
CVE-2006-3088Car Classifieds index.php 跨站脚本(XSS)漏洞

Showing top 20 of 36 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-3069

No comments yet

Leave a comment