Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-3323

EPSS 12.46% · P94
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3323

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP remote file inclusion vulnerability in admin/admin.php in MF Piadas 1.0 allows remote attackers to execute arbitrary PHP code via the page parameter. NOTE: the same vector can be used for cross-site scripting, but CVE analysis suggests that this is resultant from file inclusion of HTML or script.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MF Piadas admin.php 远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MF Piadas是一种Web CGI程序。 MF Piadas处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 MF Piadas的admin.php脚本没有正确验证page参数的输入,允许攻击者通过包含本地或外部资源的任意文件导致执行任意PHP代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-3323

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-3323

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-06-30 · 21 CVEs total

CVE-2006-3334LibPNG 图形库块错误处理 缓冲区溢出漏洞
CVE-2006-3320SiteBar Command.PHP 跨站脚本攻击漏洞
CVE-2006-3319PHP iCalendar index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-3321OpenForum openforum.asp 多个跨站注入漏洞
CVE-2006-3117OpenOffice 畸形XML文件格式 堆溢出漏洞
CVE-2006-2199OpenOffice Java Applet 访问控制绕过漏洞
CVE-2006-2198OpenOffice 任意宏执行漏洞
CVE-2006-3118Spread 套接字文件创建 拒绝服务漏洞
CVE-2006-3322phpRaid includes/functions_logging.php SQL注入漏洞
CVE-2006-2934Linux Kernel Netfilter SCTP conntrack 拒绝服务漏洞
CVE-2006-3324id3 Quake 3 Engine/Icculus Quake 3 Engine "自动下载"选项 输入验证漏洞
CVE-2006-3333Zorum Forum index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-3332Zorum index.php 多个SQL注入漏洞
CVE-2006-3331Opera SSL证书 输入验证错误漏洞
CVE-2006-3330PHP/MySQL Classifieds AddAsset1.php 多个跨站脚本攻击(XSS)漏洞
CVE-2006-3329PHP/MySQL Classifieds search.php SQL注入漏洞
CVE-2006-3328Hostflow New_Ticket.CGI 跨站脚本攻击漏洞
CVE-2006-3327Custom dating biz dating script 多个跨站脚本攻击(XSS)漏洞
CVE-2006-3326QuickZip 多个目录遍历漏洞
CVE-2006-3325Quake 3 client/cl_parse.c 输入验证漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-3323

No comments yet

Leave a comment