CVE-2006-6482: CVE-2006-6482

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-6482

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Adobe ColdFusion MX7 allows remote attackers to obtain sensitive information via a URL request (1) for a non-existent (a) JWS, (b) CFM, (c) CFML, or (d) CFC file, which displays the installation path in the resulting error message; or (2) to /CFIDE/administrator/login.cfm without a host, which can reveal the server's internal IP address in an HREF tag.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

ColdFusion 'login.cfm'信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ColdFusion MX是一款高效的网络应用服务器开发环境，具有很高的易用性和开发效率，基于标准的Java技术，可以与XML、Web Services和Microsoft.NET环境相集成。如果远程攻击者能够向ColdFusion提交以以下格式结束的无效请求的话，就会导致在返回结果中泄漏服务器路径： /.jws /.cfm /.cfml /.cfc 如果未经提供主机便请求了/CFIDE/administrator/login.cfm页面的话，就会导致在href标签中泄漏服务器的内部IP地址。此外，如

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-6482

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-6482

Please Login to view more intelligence information

http://securityreason.com/securityalert/2021third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/21532vdb-entryx_refsource_BID
http://secunia.com/advisories/23281third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1017361vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2006/4949vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/30839vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/30840vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/454046/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-6482

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-6482

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2006-6482

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-6482

III. Intelligence Information for CVE-2006-6482

IV. Related Vulnerabilities

V. Comments for CVE-2006-6482

Leave a comment