Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-4081

EPSS 18.48% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4081

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Barracuda Networks垃圾邮件防火墙管道符号安全绕过漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Barracuda Spam Firewall是用于保护邮件服务器的集成硬件和软件垃圾邮件解决方案。 Barracuda垃圾邮件防火墙Login.pm脚本中的guest帐号有硬编码的口令bnadmin99。尽管guest帐号仅有有限的访问能力,但还是可以获取以下信息: * 系统配置,包括IP地址、管理员IP ACL; * 邮件消息日志(但没有消息的内容); * 垃圾邮件/杀毒定义的版本信息和系统固件版本。 此外,利用管道符号(|)还可能执行任意命令。尽管这个脚本要求有效的用户登录,但结合上文所述的gues
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-4081

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-4081

Please Login to view more intelligence information

Same Patch Batch · n/a · 2006-08-11 · 25 CVEs total

CVE-2006-4090Webligo BlogHoster 'PreviewComment.PHP'跨站脚本攻击漏洞
CVE-2006-4080DeluxeBB 包含密码MD5哈希的cookie 跨站脚本攻击(XSS)和信息泄露漏洞
CVE-2006-4079DeluxeBB 'Newpost.PHP'跨站脚本攻击漏洞
CVE-2006-4078DeluxeBB 'PM.PHP'未授权访问漏洞
CVE-2006-4077Comet WebFileManager' CheckUpload.php'远程文件包含漏洞
CVE-2006-4076Wim Fleischhauer docpile 多个PHP远程文件包含漏洞
CVE-2006-4075Wim Fleischhauer docpile 多个PHP远程文件包含漏洞
CVE-2006-4074Joomla软件的JD-组件 'Main.PHP'远程文件包含漏洞
CVE-2006-4073Fabian Hainz phpCC 多个PHP远程文件包含漏洞
CVE-2006-4072CLUB Nuke多个SQL注入漏洞
CVE-2006-4092Simpliciti Locked Browser浏览器JavaScript window.blur循环安全权限漏洞
CVE-2006-4091Archangel Management Archangel Weblog 多个跨站脚本攻击(XSS)漏洞
CVE-2006-3813Perl SuidPerl PERL调试消息任意代码执行漏洞
CVE-2006-4089AlsaPlayer多个缓冲区溢出漏洞
CVE-2006-4088CivicSpace 多个跨站脚本攻击(XSS)漏洞
CVE-2006-4087mojoscripts.com mojoGallery 'admin.cgi'跨站脚本攻击(XSS)漏洞
CVE-2006-4086Elaine Aquino Online Zone Journals 'index.php'跨站脚本攻击(XSS)漏洞
CVE-2006-4085Olaf Noehring的Search Engine Project 'pagenavigation.php' PHP远程文件包含漏洞
CVE-2006-4084phpAutoMembersArea 不明安全攻击漏洞
CVE-2006-4083myWebland myEvent 'viewevent.php'PHP远程文件包含漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-4081

No comments yet

Leave a comment