CVE-2006-4442
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-4442
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to inject arbitrary web script or HTML via the cat_name parameter, related to adding a category. (categories field). NOTE: some details are obtained from third party information.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP iAddressBook Cat_Name参数跨站脚本攻击(XSS)漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP iAddressBook 0.95之前的版本存在跨站脚本攻击(XSS)漏洞,远程攻击者可借助cat_name参数注入任意Web脚本或HTML,此漏洞与增加一个类别有关(categories字段)。注意:某些详细信息是从第三方信息来源获取的。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-4442
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-4442
请登录查看更多情报信息。
- http://wacha.ch/wiki/addressbook:changelogx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2006-4442
Same Patch Batch · n/a · 2006-08-29 · 23 CVEs total
| CVE-2006-4426 | AlberT-EasySite 'logout.php' PSA_PATH远程文件包含漏洞 | |
| CVE-2006-4436 | OpenBSD isakmpd工具 ISAKMPD IPsec通信会话回放漏洞 | |
| CVE-2006-4435 | OpenBSD semaphore分配拒绝服务漏洞 | |
| CVE-2006-4434 | Sendmail超长邮件头释放后使用(use-after-free)漏洞 | |
| CVE-2006-4433 | PHP 第三方会话句柄的会话标识符设计限制 | |
| CVE-2006-4432 | Zend Platform final组件目录遍历漏洞 | |
| CVE-2006-4431 | Zend Platform平台多个缓冲区溢出漏洞 | |
| CVE-2006-4430 | Cisco NAC代理安装安全绕过漏洞 | |
| CVE-2006-4429 | PHlyMail Lite 'mod.listmail.php'PHP远程文件包含漏洞 | |
| CVE-2006-4428 | Jupiter CMS 'Index.PHP'.PHP远程文件包含漏洞 | |
| CVE-2006-4427 | eFiction 'Index.PHP'认证绕过漏洞 | |
| CVE-2006-4439 | Sun Solaris pkgmap文件mode字段安全权限漏洞 | |
| CVE-2006-4425 | phpCOIN 多个PHP远程文件包含漏洞 | |
| CVE-2006-4424 | PhpCOIN多个远程文件包含漏洞 | |
| CVE-2006-4423 | Bigace Globals参数多个远程文件包含漏洞 | |
| CVE-2006-4422 | Jetbox CMS 'Search_function.PHP'远程文件包含漏洞 | |
| CVE-2006-4421 | Yapig 'Thanks_comment.PHP'跨站脚本攻击漏洞 | |
| CVE-2006-4445 | CuteNews 多个PHP远程文件包含漏洞 | |
| CVE-2006-4444 | Cybozu Garoon 多个SQL注入漏洞 | |
| CVE-2006-4443 | AlstraSoft Video Share Enterprise 'MyajaxPHP.PHP'远程文件包含漏洞 |
Showing top 20 of 23 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2006-4442
No comments yet