15 matches found
EUVD-2006-0783
Malware in sbrugna...
EUVD-2006-0782
Malware in sbrugna...
GUESTEX-exec.pl.txt
Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it's 'email' parameter. $form'email' is used when openni...
GUESTEX guestbook code execution
Another hole found while mass auditing free cgi scripts. After finding it and writing code for it I noticed there is already a a BID http://www.securityfocus.com/archive/1/425970, but no code. So, here is some code. Maybe this will further provoke the author to get it fixed. --K-sPecial...
Guestex Guestbook 1.00 (email) Remote Code Execution Exploit
No description provided by source. Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it's 'email' paramete...
Guestex Guestbook 1.00 - email Remote Code Execution
Guestex Guestbook 1.00 - email Remote Code Execution Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it'...
Guestex Guestbook 1.00 - 'email' Remote Code Execution
Creator: K-sPecial xzziroz.net of .aware awarenetwork.org Name: GUESTEX-exec.pl Date: 06/07/2006 Version: 1.00 1.00 06/07/2006 - GUESTEX-exec.pl created Description: GUESTEX guestbook is vulnerable to remote code execution in how it handles it's 'email' parameter. $form'email' is used when openni...
EV0076.txt
New eVuln Advisory: Guestex Shell Command Execution Vulnerability http://evuln.com/vulns/76/summary.html --------------------Summary---------------- eVuln ID: EV0076 CVE: CVE-2006-0777 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Dangerous Typ...
EV0077.txt
New eVuln Advisory: Guestex XSS Vulnerability http://evuln.com/vulns/77/summary.html --------------------Summary---------------- eVuln ID: EV0077 CVE: CVE-2006-0776 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Harmless Type: Cross-Site Scripti...
[eVuln] Guestex XSS Vulnerability
New eVuln Advisory: Guestex XSS Vulnerability http://evuln.com/vulns/77/summary.html --------------------Summary---------------- eVuln ID: EV0077 CVE: CVE-2006-0776 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Harmless Type: Cross-Site Scripti...
[eVuln] Guestex Shell Command Execution Vulnerability
New eVuln Advisory: Guestex Shell Command Execution Vulnerability http://evuln.com/vulns/76/summary.html --------------------Summary---------------- eVuln ID: EV0076 CVE: CVE-2006-0777 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Dangerous Typ...
CVE-2006-0777
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters...
Code injection
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters...
CVE-2006-0777
Guestex (Guestex 1.0) contains a command injection in guestex.pl: the email parameter is not sanitized, allowing remote attackers to execute arbitrary shell commands. Exploit available; no patch reported in the sources. Impact per CVSS notes partial confidentiality, integrity, and availability lo...
CVE-2006-0777
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote attackers to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters...