CVE-2006-3736
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-3736
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mambo VideoDB组件 'videodb.class.xml.php'远程文件包含漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
VideoDB是Mambo中的一个组件,用于从网络上下载数据信息,管理视频收藏。 VideoDB组件在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上有Web进程权限执行任意命令。 模块的core/videodb.class.xml.php脚本没有正确地验证mosConfig_absolute_path参数的输入,允许攻击者可以通过包含本地或外部资源的任意文件导致执行任意代码。成功攻击要求打开了register_globals。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-3736
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-3736
Please Login to view more intelligence information
Same Patch Batch · n/a · 2006-07-19 · 46 CVEs total
| CVE-2006-3717 | Oracle E-Business Suite and Applications 安全漏洞 | |
| CVE-2006-3720 | Enterprise Config Management未明安全漏洞 | |
| CVE-2006-3722 | Oracle PeopleSoft Enterprise Portal存在未明安全漏洞 | |
| CVE-2006-3693 | Rocks Clusters本地特权提升漏洞 | |
| CVE-2006-3694 | Yukihiro Matsumoto Ruby多个SAFE等级限制绕过漏洞 | |
| CVE-2006-3695 | Tor 恶意的Tor server隐藏服务信息泄露漏洞 | |
| CVE-2006-3696 | Agnitum Outpost Firewall 'FiltNT.SYS' 本地拒绝服务漏洞 | |
| CVE-2006-3697 | Lavasoft Personal Firewall本地提权漏洞 | |
| CVE-2006-3724 | Oracle JD Edwards HTML Server OneWorld工具企业版工具未明影响和攻击漏洞 | |
| CVE-2006-3718 | Oracle Exchange for Oracle E-Business Suite and Applications 多个未明漏洞 | |
| CVE-2006-3719 | Repository for Oracle Enterprise Manager 未明安全向量 | |
| CVE-2006-3716 | Oracle E-Business Suite and Applications多个未明安全漏洞 | |
| CVE-2006-3715 | Oracle Collaboration Suite未明漏洞 | |
| CVE-2006-3714 | Oracle 2006年7月更新修复多个安全漏洞 | |
| CVE-2006-3713 | Oracle Application Server 未明安全漏洞 | |
| CVE-2006-3712 | Oracle Application Server OC4J 未明漏洞 | |
| CVE-2006-3711 | Oracle Application Server OC4J 未明安全漏洞 | |
| CVE-2006-3710 | Oracle Application Server OC4J 未明漏洞 | |
| CVE-2006-3709 | Server OC4J 存在未明安全漏洞,存在未明影响和攻击向量 | |
| CVE-2006-3708 | Oracle Application Server存在未明影响和攻击漏洞 |
Showing top 20 of 46 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service - CVE-2026-8267
Open5GS SMF smf_nsmf_handle_created_data_in_vsmf denial of s - CVE-2026-8266
Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_ - CVE-2026-8261
Squirrel sqobject.cpp Load heap-based overflow - CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo
V. Comments for CVE-2006-3736
No comments yet