CVE-2006-3692

EPSS 6.66% · P91 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3692

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lm_path variable is set to a constant value. As of 20060726, CVE concurs with the vendor based on SecurityTracker's post-disclosure analysis

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

已过期: ListMessenger 'listmessenger.php' PHP远程文件包含漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

** 有争议 ** ListMessenger 0.9.3的enduser/listmessenger.php存在PHP远程文件包含漏洞，远程攻击者可借助lm_path参数中的URL执行任意PHP代码。注：厂商就此问题对SecurityTracker提出反驳，声称$lm_path 变量设为常数值。2006年7月26日, CVE根据SecurityTracker的公布后分析结果同意了厂商的意见

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-3692

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-3692

请登录查看更多情报信息。

http://securityreason.com/securityalert/1243third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/19014vdb-entryx_refsource_BID
http://securitytracker.com/id?1016530vdb-entryx_refsource_SECTRACK
http://www.attrition.org/pipermail/vim/2006-July/000946.htmlmailing-listx_refsource_VIM
http://www.securityfocus.com/archive/1/440291/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-3692

Same Patch Batch · n/a · 2006-07-18 · 30 CVEs total

CVE-2006-3680		PhotoCycle 'PhotoCycle.php 'phpage参数跨站脚本攻击漏洞
CVE-2006-3469		MySQL Server date_format()函数拒绝服务漏洞
CVE-2006-3467		FreeType 数字错误漏洞
CVE-2006-0817		VisNetic Mail Server 绝对路径目录遍历漏洞
CVE-2006-0818		VisNetic Mail Server 多个目录遍历漏洞
CVE-2006-3691		VBZooM多个SQL注入漏洞
CVE-2006-3690		MiniBB多个远程文件包含漏洞
CVE-2006-3689		Subberz Lite UserFunc 'user-func.php'PHP远程文件包含漏洞
CVE-2006-3688		Francisco Charrua Photo-Gallery 'Room.PHP' SQL注入漏洞
CVE-2006-3686		HP OpenVMS 'SMPUTIL.EXE'未明拒绝服务漏洞
CVE-2006-3685		CzarNews 'cn_config.php'的tpath参数PHP远程文件包含漏洞
CVE-2006-3684		PHP Event Calendar 'Calendar.PHP'远程文件包含漏洞
CVE-2006-3683		Flipper Poll ＇Poll.PHP＇远程文件包含漏洞
CVE-2006-3682		AWStats 'awstats.pl' 多个路径泄露漏洞
CVE-2006-3681		AWStats AWstats.PL多个跨站脚本攻击漏洞
CVE-2006-3670		Rabox WinLPD远程缓冲区溢出漏洞
CVE-2006-3679		FatWire Content Server安全认证绕过漏洞
CVE-2006-3632		Wireshark协议分析NFS分析器缓冲区溢出漏洞
CVE-2006-3631		Wireshark协议分析器拒绝服务攻击漏洞
CVE-2006-3630		Wireshark协议解析多个off-by-one 错误漏洞

Showing top 20 of 30 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-3692

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-3692

I. Basic Information for CVE-2006-3692

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-3692

III. Intelligence Information for CVE-2006-3692

Same Patch Batch · n/a · 2006-07-18 · 30 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-3692

Leave a comment