EUVD-2006-2587

Malware in sbrugna...

EUVD-2006-2160

Malware in sbrugna...

EUVD-2006-2161

Malware in sbrugna...

Authentication flaw

ping.php in Russcom.Ping allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter...

CVE-2006-2588

Russcom PHPImages allows remote attackers to upload files of arbitrary types by uploading a file with a .gif extension. NOTE: due to lack of specific information about attack vectors do not depend on the existence of another vulnerability, it is not clear whether this is a vulnerability...

CVE-2006-2588

Russcom PHPImages allows remote attackers to upload files of arbitrary types by uploading a file with a .gif extension. NOTE: due to lack of specific information about attack vectors do not depend on the existence of another vulnerability, it is not clear whether this is a vulnerability...

CVE-2006-2588

CVE-2006-2588 involves Russcom PHPImages, with multiple sources describing that remote attackers could upload files of arbitrary types by using a file with a .gif extension. The entries repeatedly warn that, due to lack of specific information about attack vectors, it is not clear whether this co...

Russcom PHPImages lack of validation

Russcom PHPImages lack of validation Discovered by: Nomenumbra Date: 21/5/2006 impact:moderate Russcom's PHPImages doesn't validate if the uploaded file is an image, it just checks for the extension, thus allowing an attacker to upload php scripts with a .gif extension for example, potentially...

Russcom Ping Remote code execution

Russcom Ping Remote code execution Discovered by: Nomenumbra Date: 21/5/2006 impact:high Remote code execution Russcom's Ping script allows attackers to execute arbitrary code trough command piping after the ip e.g 127.0.0.1 | nc -l -p 666 -e /bin/sh would grant a bindshell Nomenumbra...

CVE-2006-2159

CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address...

CVE-2006-2160

Cross-site scripting XSS vulnerability in Russcom Network Loginphp Russcom.Loginphp allows remote attackers to inject arbitrary web script or HTML via the username field when registering...

Crlf injection

CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address...

Cross site scripting

Cross-site scripting XSS vulnerability in Russcom Network Loginphp Russcom.Loginphp allows remote attackers to inject arbitrary web script or HTML via the username field when registering...

CVE-2006-2159

CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address...

CVE-2006-2160

CVE-2006-2160 describes a cross-site scripting (XSS) vulnerability in Russcom Network Loginphp (Russcom.Loginphp) that allows remote attackers to inject arbitrary web script or HTML via the username field during registration. The available documents confirm the affected component and the input ve...

CVE-2006-2159

CVE-2006-2159 describes a CRLF injection vulnerability in help.php of Russcom Network Loginphp. The issue allows remote attackers to spoof e-mails and inject MIME headers by crafting CRLF sequences in the email address. According to the NVD entry, the vulnerability is exploitable over the network...

CVE-2006-2160

Cross-site scripting XSS vulnerability in Russcom Network Loginphp Russcom.Loginphp allows remote attackers to inject arbitrary web script or HTML via the username field when registering...