Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-4371

EPSS 1.18% · P79
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4371

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MDaemon的WebAdmin组件多个目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
运行MDaemon 9.0.5软件的Alt-N WebAdmin 3.2.3和3.2.4版本,可能还包括早期版本中存在多个目录遍历漏洞,远程认证全局管理员可借助提交到(1) logfile_view.wdm和 (2) configfile_view.wdm中的file参数(该参数中包含..)来读取任意文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-4371

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-4371

Please Login to view more intelligence information

Same Patch Batch · n/a · 2006-08-26 · 15 CVEs total

CVE-2006-3124Streamripper HTTP头字段解析缓冲区溢出漏洞
CVE-2006-4365VistaBB多个远程文件包含漏洞
CVE-2006-4366RedBlog 'Index.PHP'远程文件包含漏洞
CVE-2006-4367All Topics phpBB模块SQL注入漏洞
CVE-2006-4368Integramod Portal 'functions_portal.php' Phpbb_Root_Path参数远程文件包含漏洞
CVE-2006-4369Integramod Portal 'functions_portal.php' Phpbb_Root_Path参数远程文件包含漏洞
CVE-2006-4370MDaemon、RelayFax和WorldClient WebAdmin logfile_view.wdm和configfile_view.wdm文件权限提升漏洞
CVE-2006-4372Lurm Constructor组件 'admin.lurm_constructor.php'PHP远程文件包含漏洞
CVE-2006-4373PSlash 'config.inc.php' lvc_include_dir参数PHP远程文件包含漏洞
CVE-2006-4374IrfanView ANI图像文件不明拒绝服务漏洞
CVE-2006-4375Mambo软件的Contacts XTD 'contxtd.class.php'PHP远程文件包含漏洞
CVE-2006-4376Guder und Koch Netzwerktechnik Eichhorn Portal门户网站多个跨站脚本攻击(XSS)漏洞
CVE-2006-4377Guder und Koch Netzwerktechnik Eichhorn Portal门户网站多个SQL注入漏洞
CVE-2006-4378Joomla软件的Rssxt组件多个PHP远程文件包含漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-4371

No comments yet

Leave a comment