Vulnerabilities > CVE-2006-0782 - Input Validation and Information Disclosure vulnerability in Perlblog 1.08/1.09/1.09B

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
perlblog

Summary

Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of (1) the reply parameter, possibly involving injection of (2) the name parameter and (3) the body parameter.

Vulnerable Configurations

Part Description Count
Application
Perlblog
3

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/44282/EV0081.txt
idPACKETSTORM:44282
last seen2016-12-05
published2006-03-02
reporterAliaksandr Hartsuyeu
sourcehttps://packetstormsecurity.com/files/44282/EV0081.txt.html
titleEV0081.txt