2 matches found
CVE-2006-0777
Guestex (Guestex 1.0) contains a command injection in guestex.pl: the email parameter is not sanitized, allowing remote attackers to execute arbitrary shell commands. Exploit available; no patch reported in the sources. Impact per CVSS notes partial confidentiality, integrity, and availability lo...
CVE-2006-0776
Guestex 1.0 (Teca Scripts Guestex) is affected by a Cross‑Site Scripting (XSS) vulnerability in guestex.pl where the url parameter is not properly sanitized, allowing remote attackers to inject arbitrary web script or HTML. This is documented in CVE-2006-0776 with details from NVD. No remediation...