5 matches found
SAXoPRESS pbcs.dll url Parameter Traversal Arbitrary File Access
The remote host is running SAXoPRESS or Publicus, web content management systems commonly used by newspapers. The installation of SAXoPRESS / Publicus on the remote host fails to validate user input to the 'url' parameter of the 'apps/pbcs.dll' script. An attacker can exploit this issue to access...
Directory traversal
Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online formerly Publicus allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. dot dot in the url parameter...
CVE-2006-1771
Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online formerly Publicus allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. dot dot in the url parameter...
CVE-2006-1771
SAXoPRESS (SaxoTECH SAXoPRESS, also known as SaxoTech Online/Publicus) is affected by a directory traversal in the pbcs.dll component exposed via the url parameter. The issue arises from insufficient validation of the url input, enabling an attacker to access arbitrary files on the remote host wi...
CVE-2006-1771
Directory traversal vulnerability in misc in pbcs.dll in SAXoTECH SAXoPRESS, aka Saxotech Online formerly Publicus allows remote attackers to read arbitrary files and possibly execute arbitrary programs via a .. dot dot in the url parameter...