15 matches found
EUVD-2006-0783
Malware in sbrugna...
EUVD-2006-0782
Malware in sbrugna...
GUESTEX-exec.pl.txt
Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it's 'email' parameter. $form'email' is used when openni...
GUESTEX guestbook code execution
Another hole found while mass auditing free cgi scripts. After finding it and writing code for it I noticed there is already a a BID http://www.securityfocus.com/archive/1/425970, but no code. So, here is some code. Maybe this will further provoke the author to get it fixed. --K-sPecial...
Guestex Guestbook 1.00 - email Remote Code Execution
Guestex Guestbook 1.00 - email Remote Code Execution Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it'...
Guestex Guestbook 1.00 - 'email' Remote Code Execution
Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it's 'email' parameter. $form'email' is used when openni...
Guestex Guestbook 1.00 (email) Remote Code Execution Exploit
No description provided by source. Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it's 'email' paramete...
EV0076.txt
New eVuln Advisory: Guestex Shell Command Execution Vulnerability http://evuln.com/vulns/76/summary.html --------------------Summary---------------- eVuln ID: EV0076 CVE: CVE-2006-0777 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Dangerous Typ...
EV0077.txt
New eVuln Advisory: Guestex XSS Vulnerability http://evuln.com/vulns/77/summary.html --------------------Summary---------------- eVuln ID: EV0077 CVE: CVE-2006-0776 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Harmless Type: Cross-Site Scripti...
[eVuln] Guestex Shell Command Execution Vulnerability
New eVuln Advisory: Guestex Shell Command Execution Vulnerability http://evuln.com/vulns/76/summary.html --------------------Summary---------------- eVuln ID: EV0076 CVE: CVE-2006-0777 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Dangerous Typ...
[eVuln] Guestex XSS Vulnerability
New eVuln Advisory: Guestex XSS Vulnerability http://evuln.com/vulns/77/summary.html --------------------Summary---------------- eVuln ID: EV0077 CVE: CVE-2006-0776 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Harmless Type: Cross-Site Scripti...
Code injection
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters...
CVE-2006-0777
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters...
CVE-2006-0777
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters...
CVE-2006-0777
Guestex (Guestex 1.0) contains a command injection in guestex.pl: the email parameter is not sanitized, allowing remote attackers to execute arbitrary shell commands. Exploit available; no patch reported in the sources. Impact per CVSS notes partial confidentiality, integrity, and availability lo...