2 matches found
CVE-2006-6259
CVE-2006-6259 affects AlternC up to version 0.9.5 (and earlier). The vulnerability classes are directory traversal in two files: class/functions.php (create name) and class/m_bro.php (web root) that permit remote attackers to (1) create arbitrary files/directories via .. in the create name field ...
CVE-2006-6256
Cross-site scripting XSS vulnerability in the file manager in admin/bromain.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name...