CVE-2006-6242 - 漏洞详情

CVE-2006-6242 (CNNVD-200612-018)

MEDIUM 有利用代码

中文标题:

Serendipity 多个目录遍访漏洞

英文标题:

Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers...

CVSS分数: 6.8

发布时间: 2006-12-03 18:00:00

漏洞类型: 路径遍历

状态: PUBLISHED

数据质量分数: 0.40

数据版本: v4

漏洞描述

中文描述:

Serendipity存在多个目录遍访漏洞，远程攻击者可通过在(1)include/lang.inc.php内；或传给plugins/ scripts(2)serendipity_event_bbcode/serendipity_event_bbcode.php，(3)serendipity_event_browsercompatibility/serendipity_event_browsercompatibility.php，(4)serendipity_event_contentrewrite/serendipity_event_contentrewrite.php，(5)serendipity_event_creativecommons/serendipity_event_creativecommons.php，(6)serendipity_event_emoticate/serendipity_event_emoticate.php，(7)serendipity_event_entryproperties/serendipity_event_entryproperties.php，(8)serendipity_event_karma/serendipity_event_karma.php，(9)serendipity_event_livesearch/serendipity_event_livesearch.php，(10)serendipity_event_mailer/serendipity_event_mailer.php，(11)serendipity_event_nl2br/serendipity_event_nl2br.php，(12)serendipity_event_s9ymarkup/serendipity_event_s9ymarkup.php，(13)serendipity_event_searchhighlight/serendipity_event_searchhighlight.php，(14)serendipity_event_spamblock/serendipity_event_spamblock.php，(15)serendipity_event_spartacus/serendipity_event_spartacus.php，(16)serendipity_event_statistics/serendipity_plugin_statistics.php，(17)serendipity_event_templatechooser/serendipity_event_templatechooser.php，(18)serendipity_event_textile/serendipity_event_textile.php，(19)serendipity_event_textwiki/serendipity_event_textwiki.php，(20)serendipity_event_trackexits/serendipity_event_trackexits.php，(21)serendipity_event_weblogping/serendipity_event_weblogping.php，(22)serendipity_event_xhtmlcleanup/serendipity_event_xhtmlcleanup.php，(23)serendipity_plugin_comments/serendipity_plugin_comments.php，(24)serendipity_plugin_creativecommons/serendipity_plugin_creativecommons.php，(25)serendipity_plugin_entrylinks/serendipity_plugin_entrylinks.php，(26)serendipity_plugin_eventwrapper/serendipity_plugin_eventwrapper.php，(27)serendipity_plugin_history/serendipity_plugin_history.php，(28)serendipity_plugin_recententries/serendipity_plugin_recententries.php，(29)serendipity_plugin_remoterss/serendipity_plugin_remoterss.php，(30)serendipity_plugin_shoutbox/serendipity_plugin_shoutbox.php，(31)和(32)serendipity_plugin_templatedropdown/serendipity_plugin_templatedropdown.php内的serendipity[charset]参数（该参数中包含..）序列来读取或包含任意本地文件。

英文描述:

Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers to read or include arbitrary local files via a .. (dot dot) sequence in the serendipity[charset] parameter in (1) include/lang.inc.php; or to plugins/ scripts (2) serendipity_event_bbcode/serendipity_event_bbcode.php, (3) serendipity_event_browsercompatibility/serendipity_event_browsercompatibility.php, (4) serendipity_event_contentrewrite/serendipity_event_contentrewrite.php, (5) serendipity_event_creativecommons/serendipity_event_creativecommons.php, (6) serendipity_event_emoticate/serendipity_event_emoticate.php, (7) serendipity_event_entryproperties/serendipity_event_entryproperties.php, (8) serendipity_event_karma/serendipity_event_karma.php, (9) serendipity_event_livesearch/serendipity_event_livesearch.php, (10) serendipity_event_mailer/serendipity_event_mailer.php, (11) serendipity_event_nl2br/serendipity_event_nl2br.php, (12) serendipity_event_s9ymarkup/serendipity_event_s9ymarkup.php, (13) serendipity_event_searchhighlight/serendipity_event_searchhighlight.php, (14) serendipity_event_spamblock/serendipity_event_spamblock.php, (15) serendipity_event_spartacus/serendipity_event_spartacus.php, (16) serendipity_event_statistics/serendipity_plugin_statistics.php, (17) serendipity_event_templatechooser/serendipity_event_templatechooser.php, (18) serendipity_event_textile/serendipity_event_textile.php, (19) serendipity_event_textwiki/serendipity_event_textwiki.php, (20) serendipity_event_trackexits/serendipity_event_trackexits.php, (21) serendipity_event_weblogping/serendipity_event_weblogping.php, (22) serendipity_event_xhtmlcleanup/serendipity_event_xhtmlcleanup.php, (23) serendipity_plugin_comments/serendipity_plugin_comments.php, (24) serendipity_plugin_creativecommons/serendipity_plugin_creativecommons.php, (25) serendipity_plugin_entrylinks/serendipity_plugin_entrylinks.php, (26) serendipity_plugin_eventwrapper/serendipity_plugin_eventwrapper.php, (27) serendipity_plugin_history/serendipity_plugin_history.php, (28) serendipity_plugin_recententries/serendipity_plugin_recententries.php, (29) serendipity_plugin_remoterss/serendipity_plugin_remoterss.php, (30) serendipity_plugin_shoutbox/serendipity_plugin_shoutbox.php, and and (31) serendipity_plugin_templatedropdown/serendipity_plugin_templatedropdown.php.

CWE类型:

CWE-22

webapps php Kacper OSVDB-36565 OSVDB-36564 OSVDB-36563 OSVDB-36562 OSVDB-36561 OSVDB-36560 OSVDB-36559 OSVDB-36558 OSVDB-36557 OSVDB-36556 OSVDB-36555 OSVDB-36554 OSVDB-36553 OSVDB-36552 OSVDB-36551 OSVDB-36550 OSVDB-36549 OSVDB-36548 OSVDB-36547 OSVDB-36546 OSVDB-36545 OSVDB-36544 OSVDB-36543 OSVDB-36542 OSVDB-36541 OSVDB-36540 OSVDB-36539 OSVDB-36538 OSVDB-36537 OSVDB-36536 OSVDB-36535

受影响产品

厂商	产品	版本	版本范围	平台	CPE
s9y	serendipity	0.3	-	-	`cpe:2.3:a:s9y:serendipity:0.3:::::::*`
s9y	serendipity	0.4	-	-	`cpe:2.3:a:s9y:serendipity:0.4:::::::*`
s9y	serendipity	0.5	-	-	`cpe:2.3:a:s9y:serendipity:0.5:::::::*`
s9y	serendipity	0.5_pl1	-	-	`cpe:2.3:a:s9y:serendipity:0.5_pl1:::::::*`
s9y	serendipity	0.6	-	-	`cpe:2.3:a:s9y:serendipity:0.6:::::::*`
s9y	serendipity	0.6_pl1	-	-	`cpe:2.3:a:s9y:serendipity:0.6_pl1:::::::*`
s9y	serendipity	0.6_pl2	-	-	`cpe:2.3:a:s9y:serendipity:0.6_pl2:::::::*`
s9y	serendipity	0.6_pl3	-	-	`cpe:2.3:a:s9y:serendipity:0.6_pl3:::::::*`
s9y	serendipity	0.6_rc1	-	-	`cpe:2.3:a:s9y:serendipity:0.6_rc1:::::::*`
s9y	serendipity	0.6_rc2	-	-	`cpe:2.3:a:s9y:serendipity:0.6_rc2:::::::*`
s9y	serendipity	0.7	-	-	`cpe:2.3:a:s9y:serendipity:0.7:::::::*`
s9y	serendipity	0.7.1	-	-	`cpe:2.3:a:s9y:serendipity:0.7.1:::::::*`
s9y	serendipity	0.7_beta1	-	-	`cpe:2.3:a:s9y:serendipity:0.7_beta1:::::::*`
s9y	serendipity	0.7_beta2	-	-	`cpe:2.3:a:s9y:serendipity:0.7_beta2:::::::*`
s9y	serendipity	0.7_beta3	-	-	`cpe:2.3:a:s9y:serendipity:0.7_beta3:::::::*`
s9y	serendipity	0.7_beta4	-	-	`cpe:2.3:a:s9y:serendipity:0.7_beta4:::::::*`
s9y	serendipity	0.7_rc1	-	-	`cpe:2.3:a:s9y:serendipity:0.7_rc1:::::::*`
s9y	serendipity	0.8	-	-	`cpe:2.3:a:s9y:serendipity:0.8:::::::*`
s9y	serendipity	0.8.1	-	-	`cpe:2.3:a:s9y:serendipity:0.8.1:::::::*`
s9y	serendipity	0.8.2	-	-	`cpe:2.3:a:s9y:serendipity:0.8.2:::::::*`
s9y	serendipity	0.8_beta5	-	-	`cpe:2.3:a:s9y:serendipity:0.8_beta5:::::::*`
s9y	serendipity	0.8_beta6	-	-	`cpe:2.3:a:s9y:serendipity:0.8_beta6:::::::*`
s9y	serendipity	0.9.1	-	-	`cpe:2.3:a:s9y:serendipity:0.9.1:::::::*`
s9y	serendipity	1.0.3	-	-	`cpe:2.3:a:s9y:serendipity:1.0.3:::::::*`
s9y	serendipity	1.0_beta2	-	-	`cpe:2.3:a:s9y:serendipity:1.0_beta2:::::::*`
s9y	serendipity	1.0_beta3	-	-	`cpe:2.3:a:s9y:serendipity:1.0_beta3:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

21367 vdb-entry
cve.org

访问

ADV-2006-4782 vdb-entry
cve.org

访问

serendipity-lang-file-include(30615) vdb-entry
cve.org

访问

2869 exploit
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

Download Exploit EDB-2869 EXPLOIT
exploitdb

访问

CVE Reference: CVE-2006-6242 ADVISORY
cve.org

访问

CVSS评分详情

6.8

MEDIUM

CVSS向量: AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS版本: 2.0

机密性

PARTIAL

完整性

PARTIAL

可用性

PARTIAL

时间信息

发布时间:

2006-12-03 18:00:00

修改时间:

2024-08-07 20:19:35

创建时间:

2025-11-11 15:32:39

更新时间:

2026-01-26 02:17:07

利用信息

此漏洞有可利用代码！

利用代码数量: 1

利用来源:

未知

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2006-6242`	2025-11-11 15:17:47	2025-11-11 07:32:39
NVD	`nvd_CVE-2006-6242`	2025-11-11 14:51:52	2025-11-11 07:41:24
CNNVD	`cnnvd_CNNVD-200612-018`	2025-11-11 15:08:54	2025-11-11 07:49:12
EXPLOITDB	`exploitdb_EDB-2869`	2025-11-11 15:05:42	2025-11-11 08:24:22

版本与语言

当前版本: v4

主要语言: EN

支持语言:

EN ZH

其他标识符:

安全公告

暂无安全公告信息

变更历史

v4 EXPLOITDB

2025-11-11 16:24:22

references_count: 5 → 7; tags_count: 0 → 34; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']

查看详细变更

references_count: 5 -> 7
tags_count: 0 -> 34
data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']

v3 CNNVD

2025-11-11 15:49:12

vulnerability_type: 未提取 → 路径遍历; cnnvd_id: 未提取 → CNNVD-200612-018; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 路径遍历
cnnvd_id: 未提取 -> CNNVD-200612-018
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2025-11-11 15:41:24

cvss_score: 未提取 → 6.8; cvss_vector: NOT_EXTRACTED → AV:N/AC:M/Au:N/C:P/I:P/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 26; data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

cvss_score: 未提取 -> 6.8
cvss_vector: NOT_EXTRACTED -> AV:N/AC:M/Au:N/C:P/I:P/A:P
cvss_version: NOT_EXTRACTED -> 2.0
affected_products_count: 0 -> 26
data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2006-6242 (CNNVD-200612-018)

中文标题:

Serendipity 多个目录遍访漏洞

英文标题:

Multiple directory traversal vulnerabilities in Serendipity 1.0.3 and earlier allow remote attackers...

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史