Search criteria
7 vulnerabilities by cgi-rescue
CVE-2008-5723 (GCVE-0-2008-5723)
Vulnerability from cvelistv5 – Published: 2008-12-26 17:08 – Updated: 2024-08-07 11:04
VLAI
Summary
Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.rescue.ne.jp/whatsnew/blog.cgi/permali… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/32485 | vdb-entryx_refsource_BID |
| http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-0… | third-party-advisoryx_refsource_JVNDB |
| http://jvn.jp/en/jp/JVN86833991/index.html | third-party-advisoryx_refsource_JVN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2008-11-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:44.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20081113221811"
},
{
"name": "32485",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32485"
},
{
"name": "JVNDB-2008-000078",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000078.html"
},
{
"name": "JVN#86833991",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN86833991/index.html"
},
{
"name": "minibbs2000-unspecified-directory-traversal(46972)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46972"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20081113221811"
},
{
"name": "32485",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32485"
},
{
"name": "JVNDB-2008-000078",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000078.html"
},
{
"name": "JVN#86833991",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN86833991/index.html"
},
{
"name": "minibbs2000-unspecified-directory-traversal(46972)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46972"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in CGI RESCUE KanniBBS2000 (aka KanniBBS2000i, MiniBBS2000, and MiniBBS2000i) before 1.03 allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20081113221811",
"refsource": "CONFIRM",
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20081113221811"
},
{
"name": "32485",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32485"
},
{
"name": "JVNDB-2008-000078",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000078.html"
},
{
"name": "JVN#86833991",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN86833991/index.html"
},
{
"name": "minibbs2000-unspecified-directory-traversal(46972)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46972"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5723",
"datePublished": "2008-12-26T17:08:00.000Z",
"dateReserved": "2008-12-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:04:44.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4655 (GCVE-0-2007-4655)
Vulnerability from cvelistv5 – Published: 2007-09-04 22:00 – Updated: 2024-08-07 15:01
VLAI
Summary
Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.rescue.ne.jp/whatsnew/blog.cgi/permali… | x_refsource_MISC |
| http://osvdb.org/40147 | vdb-entryx_refsource_OSVDB |
| http://jvn.jp/jp/JVN%2320452446/index.html | third-party-advisoryx_refsource_JVN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/40146 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/26614 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/25500 | vdb-entryx_refsource_BID |
Date Public
2007-08-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803"
},
{
"name": "40147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40147"
},
{
"name": "JVN#20452446",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2320452446/index.html"
},
{
"name": "shoppingbasketpro-information-disclosure(36389)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36389"
},
{
"name": "40146",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40146"
},
{
"name": "26614",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26614"
},
{
"name": "25500",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25500"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803"
},
{
"name": "40147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40147"
},
{
"name": "JVN#20452446",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2320452446/index.html"
},
{
"name": "shoppingbasketpro-information-disclosure(36389)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36389"
},
{
"name": "40146",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40146"
},
{
"name": "26614",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26614"
},
{
"name": "25500",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25500"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803",
"refsource": "MISC",
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803"
},
{
"name": "40147",
"refsource": "OSVDB",
"url": "http://osvdb.org/40147"
},
{
"name": "JVN#20452446",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2320452446/index.html"
},
{
"name": "shoppingbasketpro-information-disclosure(36389)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36389"
},
{
"name": "40146",
"refsource": "OSVDB",
"url": "http://osvdb.org/40146"
},
{
"name": "26614",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26614"
},
{
"name": "25500",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25500"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4655",
"datePublished": "2007-09-04T22:00:00.000Z",
"dateReserved": "2007-09-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:01:09.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0565 (GCVE-0-2007-0565)
Vulnerability from cvelistv5 – Published: 2007-01-30 16:00 – Updated: 2024-08-07 12:26
VLAI
Summary
CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://osvdb.org/31622 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/23909 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/22245 | vdb-entryx_refsource_BID |
| http://jvn.jp/jp/JVN%2382258242/index.html | third-party-advisoryx_refsource_JVN |
Date Public
2007-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:53.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31622",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/31622"
},
{
"name": "23909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23909"
},
{
"name": "22245",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22245"
},
{
"name": "JVN#82258242",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2382258242/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-03-14T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31622",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/31622"
},
{
"name": "23909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23909"
},
{
"name": "22245",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22245"
},
{
"name": "JVN#82258242",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2382258242/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31622",
"refsource": "OSVDB",
"url": "http://osvdb.org/31622"
},
{
"name": "23909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23909"
},
{
"name": "22245",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22245"
},
{
"name": "JVN#82258242",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2382258242/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0565",
"datePublished": "2007-01-30T16:00:00.000Z",
"dateReserved": "2007-01-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:26:53.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0547 (GCVE-0-2007-0547)
Vulnerability from cvelistv5 – Published: 2007-01-29 17:00 – Updated: 2024-08-07 12:19
VLAI
Summary
Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://jvn.jp/jp/JVN%2305123538/index.html | third-party-advisoryx_refsource_JVN |
| http://secunia.com/advisories/23913 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/0344 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/32964 | vdb-entryx_refsource_OSVDB |
Date Public
2007-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#05123538",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2305123538/index.html"
},
{
"name": "23913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23913"
},
{
"name": "ADV-2007-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0344"
},
{
"name": "32964",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32964"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-03T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#05123538",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2305123538/index.html"
},
{
"name": "23913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23913"
},
{
"name": "ADV-2007-0344",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0344"
},
{
"name": "32964",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32964"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#05123538",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2305123538/index.html"
},
{
"name": "23913",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23913"
},
{
"name": "ADV-2007-0344",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0344"
},
{
"name": "32964",
"refsource": "OSVDB",
"url": "http://osvdb.org/32964"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0547",
"datePublished": "2007-01-29T17:00:00.000Z",
"dateReserved": "2007-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:19:30.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4344 (GCVE-0-2006-4344)
Vulnerability from cvelistv5 – Published: 2006-08-24 20:00 – Updated: 2024-08-07 19:06
VLAI
Summary
CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/19676 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/28131 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21543 | third-party-advisoryx_refsource_SECUNIA |
| http://jvn.jp/jp/JVN%2311048526/index.html | third-party-advisoryx_refsource_JVN |
| http://www.rescue.ne.jp/whatsnew/blog.cgi/permali… | x_refsource_CONFIRM |
| http://www.vupen.com/english/advisories/2006/3359 | vdb-entryx_refsource_VUPEN |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19676",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19676"
},
{
"name": "28131",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28131"
},
{
"name": "21543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21543"
},
{
"name": "JVN#11048526",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2311048526/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060822210549"
},
{
"name": "ADV-2006-3359",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3359"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-09-13T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19676",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19676"
},
{
"name": "28131",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28131"
},
{
"name": "21543",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21543"
},
{
"name": "JVN#11048526",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2311048526/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060822210549"
},
{
"name": "ADV-2006-3359",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3359"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19676",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19676"
},
{
"name": "28131",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28131"
},
{
"name": "21543",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21543"
},
{
"name": "JVN#11048526",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2311048526/index.html"
},
{
"name": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060822210549",
"refsource": "CONFIRM",
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060822210549"
},
{
"name": "ADV-2006-3359",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3359"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4344",
"datePublished": "2006-08-24T20:00:00.000Z",
"dateReserved": "2006-08-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2943 (GCVE-0-2006-2943)
Vulnerability from cvelistv5 – Published: 2006-06-12 20:00 – Updated: 2024-08-07 18:06
VLAI
Summary
Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/20515 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/18434 | vdb-entryx_refsource_BID |
| http://www.rescue.ne.jp/whatsnew/blog.cgi/permali… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2006/2234 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://jvn.jp/jp/JVN%2339570254/index.html | third-party-advisoryx_refsource_JVN |
Date Public
2006-06-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20515"
},
{
"name": "18434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18434"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645"
},
{
"name": "ADV-2006-2234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2234"
},
{
"name": "form2mail-webform-email-header-injection(27130)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27130"
},
{
"name": "JVN#39570254",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2339570254/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20515"
},
{
"name": "18434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18434"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645"
},
{
"name": "ADV-2006-2234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2234"
},
{
"name": "form2mail-webform-email-header-injection(27130)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27130"
},
{
"name": "JVN#39570254",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2339570254/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20515"
},
{
"name": "18434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18434"
},
{
"name": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645",
"refsource": "MISC",
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645"
},
{
"name": "ADV-2006-2234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2234"
},
{
"name": "form2mail-webform-email-header-injection(27130)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27130"
},
{
"name": "JVN#39570254",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2339570254/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2943",
"datePublished": "2006-06-12T20:00:00.000Z",
"dateReserved": "2006-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:06:27.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2944 (GCVE-0-2006-2944)
Vulnerability from cvelistv5 – Published: 2006-06-12 20:00 – Updated: 2024-08-07 18:06
VLAI
Summary
Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/20515 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/18434 | vdb-entryx_refsource_BID |
| http://www.rescue.ne.jp/whatsnew/blog.cgi/permali… | x_refsource_MISC |
| http://www.vupen.com/english/advisories/2006/2234 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://jvn.jp/jp/JVN%2339570254/index.html | third-party-advisoryx_refsource_JVN |
Date Public
2006-06-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20515"
},
{
"name": "18434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18434"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645"
},
{
"name": "ADV-2006-2234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2234"
},
{
"name": "form2mail-webform-email-header-injection(27130)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27130"
},
{
"name": "JVN#39570254",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2339570254/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20515"
},
{
"name": "18434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18434"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645"
},
{
"name": "ADV-2006-2234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2234"
},
{
"name": "form2mail-webform-email-header-injection(27130)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27130"
},
{
"name": "JVN#39570254",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2339570254/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20515"
},
{
"name": "18434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18434"
},
{
"name": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645",
"refsource": "MISC",
"url": "http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645"
},
{
"name": "ADV-2006-2234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2234"
},
{
"name": "form2mail-webform-email-header-injection(27130)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27130"
},
{
"name": "JVN#39570254",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2339570254/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2944",
"datePublished": "2006-06-12T20:00:00.000Z",
"dateReserved": "2006-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:06:27.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}