JVN#22536871: QQQ SYSTEMS vulnerable to arbitrary command injection

QQQ SYSTEMS provided by Gundam Cult QQQ is a perl CGI script to create quiz pages. QQQ SYSTEMS contains an OS command injection vulnerability CWE-78. Impact An attacker may execute an arbitrary OS command with the web server's execution privilege. Solution Consider stop using QQQ SYTEMS 2.24 Sinc...

eXtropia bbs_forum.cgi 1.0 - Remote Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly validate user-supplied...

CVE-2006-3207

Directory traversal vulnerability in newpost.php in Ultimate PHP Board UPB 1.9.6 and earlier allows remote attackers to overwrite arbitrary files via a .. dot dot sequence and trailing null %00 byte in the id parameter, as demonstrated by injecting a Perl CGI script using "NR" sequences in the...

nph-maillist 3.03.5 - Arbitrary Code Execution

nph-maillist 3.03.5 - Arbitrary Code Execution source: https://www.securityfocus.com/bid/2563/info nph-maillist is a Perl CGI script that handles mailing lists, typically used to notify interested users of site updates. A hostile user can enter commands embedded in an email address via the...

nph-maillist 3.0/3.5 - Arbitrary Code Execution

source: https://www.securityfocus.com/bid/2563/info nph-maillist is a Perl CGI script that handles mailing lists, typically used to notify interested users of site updates. A hostile user can enter commands embedded in an email address via the subscription form, and then force a mailing which wil...

eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution

eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...

(SRADV00005) Remote command execution vulnerabilities in MailMan Webmail

================================================= Secure Reality Pty Ltd. Security Advisory 5 SRADV00005 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in MailMan Webmail Released 6/11/2000 Vulnerable All 3.x versio...

SRADV00005.txt

================================================= Secure Reality Pty Ltd. Security Advisory 5 SRADV00005 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in MailMan Webmail Released 6/11/2000 Vulnerable All 3.x versio...