7 matches found
SquirrelMail G/PGP Plugin deletekey() Command Injection Exploit
No description provided by source. !/usr/local/bin/ruby puts"http://backdoored.net\n" puts "SquirrelMail G/PG deletekey command injection exploit\n" puts "http://backdoored.net Visit Us\n" puts "Coded by Backdoored member. \n" puts "--------------------------------------------------\n" if ARGV0 =...
squirrel-exec.txt
SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability Bugtraq ID: 24782 ----------------------------- There are various vulnerabilities in this software! One is in keyringmain.php! $fpr is not escaped from shellcommands! testbox:/home/w00t cat /tmp/w00t cat: /tmp/w00t: No...
SquirrelMail PGP plugin unfiltered shell characters
Unfiltered shell characters on external application invocation in fpr parameter of keyringmain.php script and in different places...
SquirrelMail G/PGP Encryption Plug-in 2.0 Command Execution Vuln
No description provided by source. SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability Bugtraq ID: 24782 ----------------------------- There are various vulnerabilities in this software! One is in keyringmain.php! $fpr is not escaped from shellcommands! testbox:/home/w00t...
SquirrelMail G/PGP Encryption Plugin 2.0 - Command Execution
SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability Bugtraq ID: 24782 ----------------------------- There are various vulnerabilities in this software! One is in keyringmain.php! $fpr is not escaped from shellcommands! testbox:/home/w00t cat /tmp/w00t cat: /tmp/w00t: No...
SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability
SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability Bugtraq ID: 24782 ----------------------------- There are various vulnerabilities in this software! One is in keyringmain.php! $fpr is not escaped from shellcommands! testbox:/home/w00t cat /tmp/w00t cat: /tmp/w00t: No...
CVE-2005-1924
The G/PGP GPG Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in 1 the fpr parameter to the deleteKey function in gpgkeyring.php, as called by a importkeyfile.php, b importkeytext.php, and c keyringmain.php; and 2 the...