Vulnerabilities > CVE-2006-0628 - Unspecified vulnerability in Dale RAY Myquiz 1.01
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN dale-ray
exploit available
Summary
myquiz.pl in Dale Ray MyQuiz 1.01 allows remote attackers to execute arbitrary commands via shell metacharacters in the URL, which are not properly handled as part of the PATH_INFO environment variable.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | MyQuiz 1.01 (PATH_INFO) Arbitrary Command Execution Exploit. CVE-2006-0628. Webapps exploit for cgi platform |
| id | EDB-ID:1471 |
| last seen | 2016-01-31 |
| modified | 2006-02-06 |
| published | 2006-02-06 |
| reporter | Hessam-x |
| source | https://www.exploit-db.com/download/1471/ |
| title | MyQuiz 1.01 PATH_INFO Arbitrary Command Execution Exploit |
References
- http://attrition.org/pipermail/vim/2006-February/000537.html
- http://attrition.org/pipermail/vim/2006-February/000537.html
- http://secunia.com/advisories/18737
- http://secunia.com/advisories/18737
- http://securityreason.com/securityalert/409
- http://securityreason.com/securityalert/409
- http://www.corantodemo.net/coranto/viewnews.cgi?id=EpApAAAVkyirPGThSf&style=dldetails
- http://www.corantodemo.net/coranto/viewnews.cgi?id=EpApAAAVkyirPGThSf&style=dldetails
- http://www.evuln.com/vulns/57/summary.html
- http://www.evuln.com/vulns/57/summary.html
- http://www.osvdb.org/22925
- http://www.osvdb.org/22925
- http://www.securityfocus.com/archive/1/423921/100/0/threaded
- http://www.securityfocus.com/archive/1/423921/100/0/threaded
- http://www.securityfocus.com/archive/1/424266/100/0/threaded
- http://www.securityfocus.com/archive/1/424266/100/0/threaded
- http://www.vupen.com/english/advisories/2006/0443
- http://www.vupen.com/english/advisories/2006/0443
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24501
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24501