Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormAliaksandr HartsuyeuPACKETSTORM:44183
HistoryFeb 26, 2006 - 12:00 a.m.

EV0076.txt

2006-02-2600:00:00
Aliaksandr Hartsuyeu
packetstormsecurity.com
20

0.019 Low

EPSS

Percentile

87.2%

JSON
`New eVuln Advisory:  
Guestex Shell Command Execution Vulnerability  
http://evuln.com/vulns/76/summary.html  
  
--------------------Summary----------------  
eVuln ID: EV0076  
CVE: CVE-2006-0777  
Software: Guestext  
Sowtware's Web Site: http://www.teca-scripts.com/  
Versions: 1.0  
Critical Level: Dangerous  
Type: Command Execution  
Class: Remote  
Status: Unpatched. No reply from developer(s)  
Exploit: Available  
Solution: Not Available  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
  
-----------------Description---------------  
Vulnerable Script: guestex.pl  
  
Variable $form{'email'} isn't properly sanitized. This can be used to execute arbitrary shell commands.  
  
System access is possible.  
  
--------------Exploit----------------------  
Available at: http://evuln.com/vulns/76/exploit.html  
  
When adding new record:  
  
email: [email protected];[command]  
  
--------------Solution---------------------  
No Patch available.  
  
--------------Credit-----------------------  
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)  
  
  
Regards,  
Aliaksandr Hartsuyeu  
http://evuln.com - Penetration Testing Services  
.  
`

Related

cve 1
cvelist 1
securityvulns 1
prion 1
cve
cve
CVE-2006-0777
2006-02-19 00:02:00
cvelist
cvelist
CVE-2006-0777
2006-02-19 00:00:00
securityvulns
securityvulns
[eVuln] Guestex Shell Command Execution Vulnerability
2006-02-25 00:00:00
prion
prion
Code injection
2006-02-19 00:02:00

0.019 Low

EPSS

Percentile

87.2%

JSON
Related for PACKETSTORM:44183
cve1cvelist1securityvulns1prion1