CVE-2006-6268

EPSS 0.75% · P73 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-6268

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

SQL injection vulnerability in system/core/profile/profile.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote authenticated users to execute arbitrary SQL commands via a url-encoded id parameter to users.php that begins with a valid filename, as demonstrated by "default.gif" followed by a double-encoded NULL and ' (apostrophe) (%2500%2527).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Neocrome Land Down Under 'Profile.Inc.PHP' SQL注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Neocrome Land Down Under (LDU)中的system/core/profile/profile.inc.php存在SQL注入漏洞，远程认证用户可以通过一个传给users.php的以有效文件名开始的url编码id参数来执行任意SQL命令，如通过在"default.gif"之后跟随一个双编码NULL和' (单引号)(%2500%2527)。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-6268

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-6268

请登录查看更多情报信息。

http://www.nukedx.com/?viewdoc=51x_refsource_MISC
http://securityreason.com/securityalert/1954third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/21227vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/452259/100/100/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-6268

Same Patch Batch · n/a · 2006-12-04 · 47 CVEs total

CVE-2006-6276		Sun Java系统服务器嵌入式HTTP请求处理漏洞
CVE-2006-6279		@lex Guestbook 'Index.PHP'多个输入验证漏洞
CVE-2006-6281		Dicshunary 'Check_Status.PHP'远程文件包含漏洞
CVE-2006-6284		Vikingboard 'Admin.PHP'目录遍历漏洞
CVE-2006-6285		Retired - Kai Blankenhorn Bitfolge simple和nice index文件'Index.PHP'远程文件包含漏洞
CVE-2006-6286		Palm Desktop Application Directory本地不安全许可漏洞
CVE-2006-6287		AtomixMP3 M3U/PLS播放列表解析缓冲区溢出漏洞
CVE-2006-6288		CoolPlayer多个缓冲区溢出漏洞
CVE-2006-6283		Vikingboard 多个跨站脚本攻击漏洞
CVE-2006-6277		ContentServ 'FileServer.php' 目录遍历漏洞
CVE-2006-6278		@lex Guestbook 'Index.PHP' 多个输入验证漏洞
CVE-2006-6275		Sun Solaris内核本地拒绝服务漏洞
CVE-2006-6274		Expinion.net iNews Publisher ‘Articles.ASP’SQL注入漏洞
CVE-2006-6273		Simple PHP Gallery System 'SP_Index.PHP'跨站脚本攻击漏洞
CVE-2006-6272		Simple PHP Gallery System 'SP_Index.PHP'跨站脚本攻击漏洞
CVE-2006-6271		PHPOLL 多个跨站脚本攻击(XSS)漏洞
CVE-2006-6270		ASPMForum　多个SQL注入漏洞
CVE-2006-6269		Infinitytechs Restaurants CM　多个SQL注入漏洞
CVE-2006-6267		PostNuke stop参数敏感信息泄露漏洞
CVE-2006-6266		Teredo客户端 IPv6连接测试安全访问漏洞

Showing top 20 of 47 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-6268

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-6268

I. Basic Information for CVE-2006-6268

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-6268

III. Intelligence Information for CVE-2006-6268

Same Patch Batch · n/a · 2006-12-04 · 47 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-6268

Leave a comment