Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-4467

EPSS 1.01% · P77
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-4467

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0.8, does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to perform directory traversal attacks to read arbitrary local files, lock topics, and possibly have other security impacts. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Simple Machines Forum.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Simple Machines Forum unset PHP指令BUG 目录遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Simple Machines Forum (SMF) 1.1RC3之前的1.1RCx版本,及1.0.8之前的1.0.x版本,当输入数据包含的数值型参数的值与字母数字型参数的哈希值相匹配时,没有正确释放变量,远程攻击者可利用此漏洞实现目录遍历攻击,以读取任意本地文件,锁定主题,并且有可能产生其它安全影响。注意:此漏洞是由unset PHP指令中的一个bug引起的,并且PHP中应该提供了适当的修复程序,但这一说法目前还存在争议;如果是这样,则不应将其视为Simple Machines Forum中的漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-4467

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-4467

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-08-31 · 55 CVEs total

CVE-2006-4463Jetstat.com JS ASP Faq Manager 多个SQL注入漏洞
CVE-2006-4458PhpGroupWare日历模块'class.holidaycalc.inc.php'路径遍历漏洞
CVE-2006-4474Joomla! 多个跨站脚本攻击漏洞
CVE-2006-4456phpECard functions.php和index.php'远程文件包含漏洞
CVE-2006-4476Joomla! 多个权限许可和访问控制漏洞
CVE-2006-4475Joomla! Admin Popups功能权限许可和访问控制漏洞
CVE-2006-4457phpECard 'index.php'include_path参数HP远程文件包含漏洞
CVE-2006-4466Joomla! unset PHP指令bug 未明安全漏洞
CVE-2006-4465Microsoft终端服务器Explorer错误任意代码执行漏洞
CVE-2006-4464Nokia Browser 超大Unicode字符串拒绝服务攻击漏洞
CVE-2006-4468Joomla! 多个不明漏洞
CVE-2006-4462Gonafish.com LinksCaffe 'admin1953.php' 安全权限获得漏洞
CVE-2006-4461Paessler IPCheck Server Monitor 探测器设置未明安全漏洞
CVE-2006-4460PHP iAddressBook未明跨站脚本攻击漏洞
CVE-2006-4486PHP 分配例程整型溢出漏洞
CVE-2006-4485PHP stripos函数未明攻击漏洞
CVE-2006-4484PHP 'gd_gif_in.c'LWZReadByte_函数缓冲区溢出漏洞
CVE-2006-4483PHP 'open_basedir或safe_mode'远程输入错误漏洞
CVE-2006-4482PHP 'string.c'多个堆缓冲区错误漏洞
CVE-2006-4481PHP 多个输入验证漏洞

Showing top 20 of 55 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-4467

No comments yet

Leave a comment