WEB APPLICATION VULNERABILITIES Standard & Premium

e107 Other Vulnerability (CVE-2005-2559)

Description

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restricted shell metacharacters such as ">" and "&" in the eping_host parameter, which is not handled by the validation function.

Remediation

References

Related Vulnerabilities

WordPress 4.2.x Possible SQL Injection Vulnerability (4.2 - 4.2.16)

Apache Traffic Server CVE-2023-44487 Vulnerability (CVE-2023-44487)

WebLogic CVE-2022-21616 Vulnerability (CVE-2022-21616)

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)

WordPress Plugin UserPro-Community and User Profile Cross-Site Scripting (4.9.33)

Severity

High

Classification

CVE-2005-2559

Tags

Missing Update Known Vulnerabilities