CVE-2006-3757

EPSS 0.35% · P57 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3757

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[], or (5) _SESSION[] array parameters, which reveals the installation path in an error message. NOTE: this issue might be resultant from a global overwrite vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Zen Cart 'index.php' 敏感信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Zen Cart 1.3.0.2中的index.php可以使远程攻击者借助空的 (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[],或(5) _SESSION[]数组参数，在错误讯息中显示安装路径，从而获得敏感信息。注:此问题可能由全局重写漏洞所致。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-3757

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-3757

Please Login to view more intelligence information

http://securityreason.com/securityalert/1253third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/archive/1/438805/100/200/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-3757

Same Patch Batch · n/a · 2006-07-21 · 44 CVEs total

CVE-2006-3773		SMF Forum 'SMF.PHP' 远程文件包含漏洞
CVE-2006-3759		MyBB 用户组操作未明安全漏洞
CVE-2006-3758		MyBB Archive Mode (Light) 'init.php'SQL注入漏洞
CVE-2006-3760		MyBB　多个SQL注入漏洞
CVE-2006-3763		Diesel Joke Site 'Category.PHP' SQL注入漏洞
CVE-2006-3764		Till Gerken phpPolls 'phpPollAdmin.php3' 安全请求漏洞
CVE-2006-3765		hdweGUEST多个HTML注入漏洞
CVE-2006-3766		Darren's $5 Script Archive osDate txtrating参数安全权限提升漏洞
CVE-2006-3767		OSDate 'showprofile.php'跨站脚本攻击(XSS) 漏洞
CVE-2006-3762		Touch Control ActiveX contro Execute函数的sPath参数任意文件执行漏洞
CVE-2006-3774		Joomla!的perForms组件 'Performs.PHP'远程文件包含漏洞
CVE-2006-3772		PHP-Post logincookie[user]设置远程认证绕过漏洞
CVE-2006-3771		iManage CMS 'component.php'多个PHP远程文件包含漏洞
CVE-2006-3770		PHPFaber TopSites 'Index.PHP'多个SQL注入漏洞
CVE-2006-3769		Paddelberg Top XL 多个跨站脚本攻击漏洞
CVE-2006-3779		Citrix MetaFrame XP 不安全的ACL安装注册表键特权提升漏洞
CVE-2006-3778		IBM Lotus Notes e-mail 消息的处理信息泄露漏洞
CVE-2006-3777		IDevSpot PHPLinkExchange 'Index.PHP'远程文件包含漏洞
CVE-2006-3776		IDevSpot PHPHostBot 'Index.PHP'远程文件包含漏洞
CVE-2006-3775		MyBB 'class_session.php' SQL注入漏洞

Showing top 20 of 44 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-3757

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-3757

I. Basic Information for CVE-2006-3757

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-3757

III. Intelligence Information for CVE-2006-3757

Same Patch Batch · n/a · 2006-07-21 · 44 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-3757

Leave a comment