Vulnerabilities > CVE-2006-1576 - Unspecified vulnerability in Vscripts.Pl Qlnews 1.2

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

vscripts-pl

NVD

Published: 2006-04-02

Updated: 2024-11-21

Summary

Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php.

Vulnerable Configurations

Part	Description	Count
Application	Vscripts.Pl Vscripts.Pl Qlnews 1.2	1

References

http://evuln.com/vulns/113/description.html
http://evuln.com/vulns/113/description.html
http://secunia.com/advisories/19479
http://secunia.com/advisories/19479
http://www.osvdb.org/24291
http://www.osvdb.org/24291
http://www.securityfocus.com/archive/1/430741/100/0/threaded
http://www.securityfocus.com/archive/1/430741/100/0/threaded
http://www.securityfocus.com/bid/17335
http://www.securityfocus.com/bid/17335
https://exchange.xforce.ibmcloud.com/vulnerabilities/25548
https://exchange.xforce.ibmcloud.com/vulnerabilities/25548