Approved changes feed: RSS · Atom

cpe:2.3:a:alternc:alternc:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAlternc (3fb5e745-6df0-58c0-b4ee-4d688a6fd560)
ProductAlternc (764dc908-0096-5174-a84c-2d71656fd379)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/alternc/alternc purl2cpe 2026-06-01 10:16:04.106129

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2006-6259 vulnerable 2026-06-08 04:49:22.393433 Details available
Multiple directory traversal vulnerabilities in (a) class/functions.php and (b) class/m_bro.php in AlternC 0.9.5 and earlier allow remote attackers to (1) create arbitrary files and directories via a .. (dot dot) in the "create name" field and (2) read arbitrary files via a .. (dot dot) in the "web root" field when configuring a subdomain.
Published: 2006-12-04T11:00:00.000Z
Updated: 2024-08-07T20:19:35.199Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-6258 vulnerable 2026-06-08 04:49:22.393021 Details available
The phpmyadmin subsystem in AlternC 0.9.5 and earlier transmits the SQL password in cleartext in a cookie, which might allow remote attackers to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.
Published: 2006-12-04T11:00:00.000Z
Updated: 2024-08-07T20:19:35.079Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-6257 vulnerable 2026-06-08 04:49:22.392667 Details available
The file manager in AlternC 0.9.5 and earlier, when warnings are enabled in PHP, allows remote attackers to obtain sensitive information via certain folder names such as ones composed of JavaScript code, which reveal the path in a warning message.
Published: 2006-12-04T11:00:00.000Z
Updated: 2024-08-07T20:19:35.103Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-6256 vulnerable 2026-06-08 04:49:22.392248 Details available
Cross-site scripting (XSS) vulnerability in the file manager in admin/bro_main.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name.
Published: 2006-12-04T11:00:00.000Z
Updated: 2024-08-07T20:19:35.093Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.