RSS   Podatności dla 'Sysinfo'   RSS

2006-04-19
 
CVE-2006-1832

 
 
sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action.

 
 
CVE-2006-1831

 
 
Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other versions before 2.25 allows remote attackers to execute arbitrary commands via a leading ; (semicolon) in the name parameter in a systemdoc action, which is injected into phpinfo.php.

 

Copyright 2024, cxsecurity.com

 

Back to Top