CVE-2006-0628

Published: Feb 10, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

myquiz-pathinfo-command-execution(24501)

vdb-entry

x_refsource_XF

22925

vdb-entry

x_refsource_OSVDB

20060207 MyQuiz Arbitrary Command Execution Exploit (perl)

mailing-list

x_refsource_BUGTRAQ

http://www.evuln.com/vulns/57/summary.html

x_refsource_MISC

20060203 [eVuln] MyQuiz Arbitrary Command Execution Vulnerability

mailing-list

x_refsource_BUGTRAQ

ADV-2006-0443

vdb-entry

x_refsource_VUPEN

20060209 Vendor ACK for MyQuiz

mailing-list

x_refsource_VIM

http://www.corantodemo.net/coranto/viewnews.cgi?id=EpApAAAVkyirPGThSf&style=dldetails

x_refsource_MISC

409

third-party-advisory

x_refsource_SREASON

18737

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-0628

Description

Affected Products

References