25 matches found
EUVD-2004-1671
Malware in sbrugna...
EUVD-2005-0344
Malware in sbrugna...
EUVD-2004-1672
Malware in sbrugna...
PerlDesk Language Variable Server-Side Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11160/info It is reported that PerlDesk is susceptible to a server-side script execution vulnerability. This vulnerability may be exploited to execute the contents of Perl scripts contained on the affected server...
CVE-2005-0343
SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter...
CVE-2004-1678
CVE-2004-1678 describes a directory traversal vulnerability in PerlDesk’s pdesk.cgi. A remote attacker can read portions of arbitrary files (and possibly trigger execution of Perl modules) by crafting lang parameters with ‘..’ sequences terminated by a NULL character (%00), potentially leaking fi...
CVE-2004-1677
Technical details about CVE-2004-1677 are not provided in the provided documents. The description notes an information disclosure via invalid lang parameter in pdesk.cgi, but no further data on affected versions, root cause, or fixes is provided here. Monitor for updates.
CVE-2004-1678
Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 null character in the lang parameter, which can leak portions of the requested files if a...
CVE-2004-1677
pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message...
CVE-2005-0343
CVE-2005-0343 corresponds to a SQL injection in PerlDesk 1.x via the view parameter, enabling remote attackers to inject arbitrary SQL. Exploitation details in connected Nessus/NASL data indicate network-based, low-complexity access with no authentication, causing partial impact to confidentialit...
CVE-2005-0343
SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter...
PerlDesk kb.cgi view Parameter SQL Injection
The remote host is running PerlDesk, a web-based helpdesk application written in Perl. The remote version of this software has several SQL injection vulnerabilities, that could allow an attacker to execute arbitrary SQL statements on the remote database. %NASLMINLEVEL 70300 C Tenable Network...
PerlDesk < 2 kb.cgi view Parameter SQL Injection
Binary data 2597.prm...
[SePro Bugtraq] SQL-Injection in PerlDesk 1.x
SQL-Injection in PerlDesk Discovered by deluxe89 and Astovidatu www.security-project.org Vendor: LogicNow Homepage: http://www.perldesk.com/ Vulnerable versions: 1.x Login required: no Description: "PerlDesk is a feature packed web based help desk and email management application designed to...
PerlDesk 1.x SQL-Injection Exploit
Exploit for cgi platform in category web applications ================================== PerlDesk 1.x SQL-Injection Exploit ================================== !/usr/bin/perl Example: kb.cgi?view=0 UNION SELECT 1,3,password,username,3,7 FROM users Exploit is attached. ./pde.pl...
PerlDesk 1.x - SQL Injection
PerlDesk 1.x - SQL Injection !/usr/bin/perl Example: kb.cgi?view=0 UNION SELECT 1,3,password,username,3,7 FROM users Exploit is attached. ./pde.pl www.internethosting4u.com /perldesk/kb.cgi 148.244.150.58:80 use IO::Socket; print ' PerlDesk exploit Usage: ./pdsploit.pl host path proxy Vunerabilit...
PerlDesk 1.x SQL-Injection Exploit
No description provided by source. !/usr/bin/perl Example: kb.cgi?view=0 UNION SELECT 1,3,password,username,3,7 FROM users Exploit is attached. ./pde.pl www.internethosting4u.com /perldesk/kb.cgi 148.244.150.58:80 use IO::Socket; print ' PerlDesk exploit Usage: ./pdsploit.pl host path proxy...
PerlDesk 1.x - SQL Injection
!/usr/bin/perl Example: kb.cgi?view=0 UNION SELECT 1,3,password,username,3,7 FROM users Exploit is attached. ./pde.pl www.internethosting4u.com /perldesk/kb.cgi 148.244.150.58:80 use IO::Socket; print ' PerlDesk exploit Usage: ./pdsploit.pl host path proxy Vunerability discovered by deluxe89 and...
PerlDesk pdesk.cgi lang Parameter Traversal Arbitrary File Access
The remote host is running PerlDesk, a web-based help desk and email management application written in perl. There is a file inclusion issue in the remote version of this software which may allow an attacker to read fragments of arbitrary files on the remote host and to execute arbirary perl...
Posible Inclusion File in Perl Desk
Posible Inclusion File in Perl Desk 0000-0002 Adv-Nkxtox Date 12/09/04 Author Nikyt0x nikyt0xathotmaildotcom Site Http://nikyt0x.webcindario.com Information PerlDesk is a feature packed web based help desk and email management application designed to streamline the operation of managing emails or...